p71924506
/
aosp12
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
aosp12/external/python/google-api-python-client/docs/dyn/run_v1alpha1.namespaces.ser...

63817 lines
4.5 MiB
Raw Permalink Blame History

<html><body>
<style>
body, h1, h2, h3, div, span, p, pre, a {
margin: 0;
padding: 0;
border: 0;
font-weight: inherit;
font-style: inherit;
font-size: 100%;
font-family: inherit;
vertical-align: baseline;
}
body {
font-size: 13px;
padding: 1em;
}
h1 {
font-size: 26px;
margin-bottom: 1em;
}
h2 {
font-size: 24px;
margin-bottom: 1em;
}
h3 {
font-size: 20px;
margin-bottom: 1em;
margin-top: 1em;
}
pre, code {
line-height: 1.5;
font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}
pre {
margin-top: 0.5em;
}
h1, h2, h3, p {
font-family: Arial, sans serif;
}
h1, h2, h3 {
border-bottom: solid #CCC 1px;
}
.toc_element {
margin-top: 0.5em;
}
.firstline {
margin-left: 2 em;
}
.method {
margin-top: 1em;
border: solid 1px #CCC;
padding: 1em;
background: #EEE;
}
.details {
font-weight: bold;
font-size: 14px;
}
</style>
<h1><a href="run_v1alpha1.html">Cloud Run API</a> . <a href="run_v1alpha1.namespaces.html">namespaces</a> . <a href="run_v1alpha1.namespaces.services.html">services</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
<code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
<p class="firstline">Rpc to create a service.</p>
<p class="toc_element">
<code><a href="#delete">delete(name, kind=None, propagationPolicy=None, orphanDependents=None, apiVersion=None, x__xgafv=None)</a></code></p>
<p class="firstline">Rpc to delete a service.</p>
<p class="toc_element">
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Rpc to get information about a service.</p>
<p class="toc_element">
<code><a href="#list">list(parent, labelSelector=None, includeUninitialized=None, x__xgafv=None, resourceVersion=None, limit=None, watch=None, continue=None, fieldSelector=None)</a></code></p>
<p class="firstline">Rpc to list services.</p>
<p class="toc_element">
<code><a href="#replaceService">replaceService(name, body, x__xgafv=None)</a></code></p>
<p class="firstline">Rpc to replace a service.</p>
<h3>Method Details</h3>
<div class="method">
<code class="details" id="create">create(parent, body, x__xgafv=None)</code>
<pre>Rpc to create a service.
Args:
parent: string, The project ID or project number in which this service should be created. (required)
body: object, The request body. (required)
The object takes the form of:
{ # Service acts as a top-level container that manages a set of Routes and
# Configurations which implement a network service. Service exists to provide a
# singular abstraction which can be access controlled, reasoned about, and
# which encapsulates software lifecycle decisions such as rollout policy and
# team resource ownership. Service acts only as an orchestrator of the
# underlying Routes and Configurations (much as a kubernetes Deployment
# orchestrates ReplicaSets).
#
# The Service's controller will track the statuses of its owned Configuration
# and Route, reflecting their statuses and conditions as its own.
#
# See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#service
"status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the
# controller).
"domain": "A String", # From RouteStatus.
# Domain holds the top-level domain that will distribute traffic over the
# provided targets. It generally has the form
# https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
"latestReadyRevisionName": "A String", # From ConfigurationStatus.
# LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Service's Configuration that has had its "Ready" condition become
# "True".
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that
# was last processed by the controller.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation and the Ready condition's status
# is True or False.
"traffic": [ # From RouteStatus.
# Traffic holds the configured traffic distribution.
# These entries will always contain RevisionName references.
# When ConfigurationName appears in the spec, this will hold the
# LatestReadyRevisionName that we last observed.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"address": { # Information for connecting over HTTP(s). # From RouteStatus.
# Similar to domain, information on where the service is available on HTTP.
"hostname": "A String",
},
"latestCreatedRevisionName": "A String", # From ConfigurationStatus.
# LatestCreatedRevisionName is the last revision that was created from this
# Service's Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ServiceCondition defines a readiness condition for a Service.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ServiceConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
#
# Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready"
# will be true when the underlying Route and Configuration are ready.
},
],
},
"kind": "A String", # The kind of resource, in this case "Service".
"spec": { # ServiceSpec holds the desired state of the Route (from the client), which # Spec holds the desired state of the Service (from the client).
# is used to manipulate the underlying Route and Configuration(s).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"manual": { # ServiceSpecManualType contains the options for configuring a manual service. # Manual contains the options for configuring a manual service. See
# ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
},
"pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The # Pins this service to a specific revision name. The revision must
# be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
# +optional
# revision must be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisionName": "A String", # The revision name to pin this service to until changed
# to a different service type.
},
"traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative
# Revisions and Configurations. This will replace existing service specs
# (ServiceSpecRunLatest, ServiceSpecPinnedType, ServiceSpecReleaseType, and
# ServiceSpecManualType).
#
# Not currently supported by Cloud Run.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to
# be stamped out.
#
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. # Release enables gradual promotion of new revisions by allowing traffic
# to be split between two revisions. This type replaces the deprecated
# Pinned type.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
"rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the
# candidate revision, i.e. the 2nd revision in the revisions list.
# Valid values are between 0 and 99 inclusive.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service. All revisions from this service must
# come from a single configuration.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current
# revision, and the second is the candidate revision. If a single revision
# is provided, traffic will be pinned at that revision.
#
# "@latest" is a shortcut for usage that refers to the latest created
# revision by the configuration.
"A String",
],
},
"runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the # RunLatest defines a simple Service. It will automatically
# configure a route that keeps the latest ready revision
# from the supplied configuration running.
# +optional
# latest configuration. See ServiceSpec for more details.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Service, including name, namespace, labels,
# and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Service acts as a top-level container that manages a set of Routes and
# Configurations which implement a network service. Service exists to provide a
# singular abstraction which can be access controlled, reasoned about, and
# which encapsulates software lifecycle decisions such as rollout policy and
# team resource ownership. Service acts only as an orchestrator of the
# underlying Routes and Configurations (much as a kubernetes Deployment
# orchestrates ReplicaSets).
#
# The Service's controller will track the statuses of its owned Configuration
# and Route, reflecting their statuses and conditions as its own.
#
# See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#service
"status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the
# controller).
"domain": "A String", # From RouteStatus.
# Domain holds the top-level domain that will distribute traffic over the
# provided targets. It generally has the form
# https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
"latestReadyRevisionName": "A String", # From ConfigurationStatus.
# LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Service's Configuration that has had its "Ready" condition become
# "True".
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that
# was last processed by the controller.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation and the Ready condition's status
# is True or False.
"traffic": [ # From RouteStatus.
# Traffic holds the configured traffic distribution.
# These entries will always contain RevisionName references.
# When ConfigurationName appears in the spec, this will hold the
# LatestReadyRevisionName that we last observed.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"address": { # Information for connecting over HTTP(s). # From RouteStatus.
# Similar to domain, information on where the service is available on HTTP.
"hostname": "A String",
},
"latestCreatedRevisionName": "A String", # From ConfigurationStatus.
# LatestCreatedRevisionName is the last revision that was created from this
# Service's Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ServiceCondition defines a readiness condition for a Service.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ServiceConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
#
# Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready"
# will be true when the underlying Route and Configuration are ready.
},
],
},
"kind": "A String", # The kind of resource, in this case "Service".
"spec": { # ServiceSpec holds the desired state of the Route (from the client), which # Spec holds the desired state of the Service (from the client).
# is used to manipulate the underlying Route and Configuration(s).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"manual": { # ServiceSpecManualType contains the options for configuring a manual service. # Manual contains the options for configuring a manual service. See
# ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
},
"pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The # Pins this service to a specific revision name. The revision must
# be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
# +optional
# revision must be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisionName": "A String", # The revision name to pin this service to until changed
# to a different service type.
},
"traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative
# Revisions and Configurations. This will replace existing service specs
# (ServiceSpecRunLatest, ServiceSpecPinnedType, ServiceSpecReleaseType, and
# ServiceSpecManualType).
#
# Not currently supported by Cloud Run.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to
# be stamped out.
#
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. # Release enables gradual promotion of new revisions by allowing traffic
# to be split between two revisions. This type replaces the deprecated
# Pinned type.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
"rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the
# candidate revision, i.e. the 2nd revision in the revisions list.
# Valid values are between 0 and 99 inclusive.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service. All revisions from this service must
# come from a single configuration.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current
# revision, and the second is the candidate revision. If a single revision
# is provided, traffic will be pinned at that revision.
#
# "@latest" is a shortcut for usage that refers to the latest created
# revision by the configuration.
"A String",
],
},
"runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the # RunLatest defines a simple Service. It will automatically
# configure a route that keeps the latest ready revision
# from the supplied configuration running.
# +optional
# latest configuration. See ServiceSpec for more details.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Service, including name, namespace, labels,
# and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
}</pre>
</div>
<div class="method">
<code class="details" id="delete">delete(name, kind=None, propagationPolicy=None, orphanDependents=None, apiVersion=None, x__xgafv=None)</code>
<pre>Rpc to delete a service.
This will cause the Service to stop serving traffic and will delete the
child entities like Routes, Configurations and Revisions.
Args:
name: string, The name of the service being deleted. If needed, replace
{namespace_id} with the project ID. (required)
kind: string, Cloud Run currently ignores this parameter.
propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores
this setting, and deletes in the background. Please see
kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for
more information.
orphanDependents: boolean, Deprecated.
Specifies the cascade behavior on delete.
Cloud Run only supports cascading behavior, so this must be false.
This attribute is deprecated, and is now replaced with PropagationPolicy
See https://github.com/kubernetes/kubernetes/issues/46659 for more info.
apiVersion: string, Cloud Run currently ignores this parameter.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A generic empty message that you can re-use to avoid defining duplicated
# empty messages in your APIs. A typical example is to use it as the request
# or the response type of an API method. For instance:
#
# service Foo {
# rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
# }
#
# The JSON representation for `Empty` is empty JSON object `{}`.
}</pre>
</div>
<div class="method">
<code class="details" id="get">get(name, x__xgafv=None)</code>
<pre>Rpc to get information about a service.
Args:
name: string, The name of the service being retrieved. If needed, replace
{namespace_id} with the project ID. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Service acts as a top-level container that manages a set of Routes and
# Configurations which implement a network service. Service exists to provide a
# singular abstraction which can be access controlled, reasoned about, and
# which encapsulates software lifecycle decisions such as rollout policy and
# team resource ownership. Service acts only as an orchestrator of the
# underlying Routes and Configurations (much as a kubernetes Deployment
# orchestrates ReplicaSets).
#
# The Service's controller will track the statuses of its owned Configuration
# and Route, reflecting their statuses and conditions as its own.
#
# See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#service
"status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the
# controller).
"domain": "A String", # From RouteStatus.
# Domain holds the top-level domain that will distribute traffic over the
# provided targets. It generally has the form
# https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
"latestReadyRevisionName": "A String", # From ConfigurationStatus.
# LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Service's Configuration that has had its "Ready" condition become
# "True".
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that
# was last processed by the controller.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation and the Ready condition's status
# is True or False.
"traffic": [ # From RouteStatus.
# Traffic holds the configured traffic distribution.
# These entries will always contain RevisionName references.
# When ConfigurationName appears in the spec, this will hold the
# LatestReadyRevisionName that we last observed.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"address": { # Information for connecting over HTTP(s). # From RouteStatus.
# Similar to domain, information on where the service is available on HTTP.
"hostname": "A String",
},
"latestCreatedRevisionName": "A String", # From ConfigurationStatus.
# LatestCreatedRevisionName is the last revision that was created from this
# Service's Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ServiceCondition defines a readiness condition for a Service.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ServiceConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
#
# Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready"
# will be true when the underlying Route and Configuration are ready.
},
],
},
"kind": "A String", # The kind of resource, in this case "Service".
"spec": { # ServiceSpec holds the desired state of the Route (from the client), which # Spec holds the desired state of the Service (from the client).
# is used to manipulate the underlying Route and Configuration(s).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"manual": { # ServiceSpecManualType contains the options for configuring a manual service. # Manual contains the options for configuring a manual service. See
# ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
},
"pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The # Pins this service to a specific revision name. The revision must
# be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
# +optional
# revision must be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisionName": "A String", # The revision name to pin this service to until changed
# to a different service type.
},
"traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative
# Revisions and Configurations. This will replace existing service specs
# (ServiceSpecRunLatest, ServiceSpecPinnedType, ServiceSpecReleaseType, and
# ServiceSpecManualType).
#
# Not currently supported by Cloud Run.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to
# be stamped out.
#
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. # Release enables gradual promotion of new revisions by allowing traffic
# to be split between two revisions. This type replaces the deprecated
# Pinned type.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
"rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the
# candidate revision, i.e. the 2nd revision in the revisions list.
# Valid values are between 0 and 99 inclusive.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service. All revisions from this service must
# come from a single configuration.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current
# revision, and the second is the candidate revision. If a single revision
# is provided, traffic will be pinned at that revision.
#
# "@latest" is a shortcut for usage that refers to the latest created
# revision by the configuration.
"A String",
],
},
"runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the # RunLatest defines a simple Service. It will automatically
# configure a route that keeps the latest ready revision
# from the supplied configuration running.
# +optional
# latest configuration. See ServiceSpec for more details.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Service, including name, namespace, labels,
# and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
}</pre>
</div>
<div class="method">
<code class="details" id="list">list(parent, labelSelector=None, includeUninitialized=None, x__xgafv=None, resourceVersion=None, limit=None, watch=None, continue=None, fieldSelector=None)</code>
<pre>Rpc to list services.
Args:
parent: string, The project ID or project number from which the services should be listed. (required)
labelSelector: string, Allows to filter resources based on a label. Supported operations are
=, !=, exists, in, and notIn.
includeUninitialized: boolean, Not currently used by Cloud Run.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
resourceVersion: string, The baseline resource version from which the list or watch operation should
start. Not currently used by Cloud Run.
limit: integer, The maximum number of records that should be returned.
watch: boolean, Flag that indicates that the client expects to watch this resource as well.
Not currently used by Cloud Run.
continue: string, Optional encoded string to continue paging.
fieldSelector: string, Allows to filter resources based on a specific value for a field name.
Send this in a query string format. i.e. 'metadata.name%3Dlorem'.
Not currently used by Cloud Run.
Returns:
An object of the form:
{ # A list of Service resources.
"unreachable": [ # Locations that could not be reached.
"A String",
],
"kind": "A String", # The kind of this resource, in this case "ServiceList".
"items": [ # List of Services.
{ # Service acts as a top-level container that manages a set of Routes and
# Configurations which implement a network service. Service exists to provide a
# singular abstraction which can be access controlled, reasoned about, and
# which encapsulates software lifecycle decisions such as rollout policy and
# team resource ownership. Service acts only as an orchestrator of the
# underlying Routes and Configurations (much as a kubernetes Deployment
# orchestrates ReplicaSets).
#
# The Service's controller will track the statuses of its owned Configuration
# and Route, reflecting their statuses and conditions as its own.
#
# See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#service
"status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the
# controller).
"domain": "A String", # From RouteStatus.
# Domain holds the top-level domain that will distribute traffic over the
# provided targets. It generally has the form
# https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
"latestReadyRevisionName": "A String", # From ConfigurationStatus.
# LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Service's Configuration that has had its "Ready" condition become
# "True".
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that
# was last processed by the controller.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation and the Ready condition's status
# is True or False.
"traffic": [ # From RouteStatus.
# Traffic holds the configured traffic distribution.
# These entries will always contain RevisionName references.
# When ConfigurationName appears in the spec, this will hold the
# LatestReadyRevisionName that we last observed.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"address": { # Information for connecting over HTTP(s). # From RouteStatus.
# Similar to domain, information on where the service is available on HTTP.
"hostname": "A String",
},
"latestCreatedRevisionName": "A String", # From ConfigurationStatus.
# LatestCreatedRevisionName is the last revision that was created from this
# Service's Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ServiceCondition defines a readiness condition for a Service.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ServiceConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
#
# Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready"
# will be true when the underlying Route and Configuration are ready.
},
],
},
"kind": "A String", # The kind of resource, in this case "Service".
"spec": { # ServiceSpec holds the desired state of the Route (from the client), which # Spec holds the desired state of the Service (from the client).
# is used to manipulate the underlying Route and Configuration(s).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"manual": { # ServiceSpecManualType contains the options for configuring a manual service. # Manual contains the options for configuring a manual service. See
# ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
},
"pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The # Pins this service to a specific revision name. The revision must
# be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
# +optional
# revision must be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisionName": "A String", # The revision name to pin this service to until changed
# to a different service type.
},
"traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative
# Revisions and Configurations. This will replace existing service specs
# (ServiceSpecRunLatest, ServiceSpecPinnedType, ServiceSpecReleaseType, and
# ServiceSpecManualType).
#
# Not currently supported by Cloud Run.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to
# be stamped out.
#
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. # Release enables gradual promotion of new revisions by allowing traffic
# to be split between two revisions. This type replaces the deprecated
# Pinned type.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
"rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the
# candidate revision, i.e. the 2nd revision in the revisions list.
# Valid values are between 0 and 99 inclusive.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service. All revisions from this service must
# come from a single configuration.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current
# revision, and the second is the candidate revision. If a single revision
# is provided, traffic will be pinned at that revision.
#
# "@latest" is a shortcut for usage that refers to the latest created
# revision by the configuration.
"A String",
],
},
"runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the # RunLatest defines a simple Service. It will automatically
# configure a route that keeps the latest ready revision
# from the supplied configuration running.
# +optional
# latest configuration. See ServiceSpec for more details.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Service, including name, namespace, labels,
# and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
],
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ListMeta describes metadata that synthetic resources must have, including # Metadata associated with this Service list.
# lists and various status objects. A resource may have only one of
# {ObjectMeta, ListMeta}.
"continue": "A String", # continue may be set if the user set a limit on the number of items
# returned, and indicates that the server has more data available. The value
# is opaque and may be used to issue another request to the endpoint that
# served this list to retrieve the next set of available objects. Continuing
# a list may not be possible if the server configuration has changed or more
# than a few minutes have passed. The resourceVersion field returned when
# using this continue value will be identical to the value in the first
# response.
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
"resourceVersion": "A String", # String that identifies the server's internal version of this object that
# can be used by clients to determine when objects have changed. Value must
# be treated as opaque by clients and passed unmodified back to the server.
# Populated by the system.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
},
}</pre>
</div>
<div class="method">
<code class="details" id="replaceService">replaceService(name, body, x__xgafv=None)</code>
<pre>Rpc to replace a service.
Only the spec and metadata labels and annotations are modifiable. After
the Update request, Cloud Run will work to make the 'status'
match the requested 'spec'.
May provide metadata.resourceVersion to enforce update from last read for
optimistic concurrency control.
Args:
name: string, The name of the service being replaced. If needed, replace
{namespace_id} with the project ID. (required)
body: object, The request body. (required)
The object takes the form of:
{ # Service acts as a top-level container that manages a set of Routes and
# Configurations which implement a network service. Service exists to provide a
# singular abstraction which can be access controlled, reasoned about, and
# which encapsulates software lifecycle decisions such as rollout policy and
# team resource ownership. Service acts only as an orchestrator of the
# underlying Routes and Configurations (much as a kubernetes Deployment
# orchestrates ReplicaSets).
#
# The Service's controller will track the statuses of its owned Configuration
# and Route, reflecting their statuses and conditions as its own.
#
# See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#service
"status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the
# controller).
"domain": "A String", # From RouteStatus.
# Domain holds the top-level domain that will distribute traffic over the
# provided targets. It generally has the form
# https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
"latestReadyRevisionName": "A String", # From ConfigurationStatus.
# LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Service's Configuration that has had its "Ready" condition become
# "True".
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that
# was last processed by the controller.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation and the Ready condition's status
# is True or False.
"traffic": [ # From RouteStatus.
# Traffic holds the configured traffic distribution.
# These entries will always contain RevisionName references.
# When ConfigurationName appears in the spec, this will hold the
# LatestReadyRevisionName that we last observed.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"address": { # Information for connecting over HTTP(s). # From RouteStatus.
# Similar to domain, information on where the service is available on HTTP.
"hostname": "A String",
},
"latestCreatedRevisionName": "A String", # From ConfigurationStatus.
# LatestCreatedRevisionName is the last revision that was created from this
# Service's Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ServiceCondition defines a readiness condition for a Service.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ServiceConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
#
# Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready"
# will be true when the underlying Route and Configuration are ready.
},
],
},
"kind": "A String", # The kind of resource, in this case "Service".
"spec": { # ServiceSpec holds the desired state of the Route (from the client), which # Spec holds the desired state of the Service (from the client).
# is used to manipulate the underlying Route and Configuration(s).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"manual": { # ServiceSpecManualType contains the options for configuring a manual service. # Manual contains the options for configuring a manual service. See
# ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
},
"pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The # Pins this service to a specific revision name. The revision must
# be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
# +optional
# revision must be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisionName": "A String", # The revision name to pin this service to until changed
# to a different service type.
},
"traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative
# Revisions and Configurations. This will replace existing service specs
# (ServiceSpecRunLatest, ServiceSpecPinnedType, ServiceSpecReleaseType, and
# ServiceSpecManualType).
#
# Not currently supported by Cloud Run.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to
# be stamped out.
#
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. # Release enables gradual promotion of new revisions by allowing traffic
# to be split between two revisions. This type replaces the deprecated
# Pinned type.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
"rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the
# candidate revision, i.e. the 2nd revision in the revisions list.
# Valid values are between 0 and 99 inclusive.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service. All revisions from this service must
# come from a single configuration.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current
# revision, and the second is the candidate revision. If a single revision
# is provided, traffic will be pinned at that revision.
#
# "@latest" is a shortcut for usage that refers to the latest created
# revision by the configuration.
"A String",
],
},
"runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the # RunLatest defines a simple Service. It will automatically
# configure a route that keeps the latest ready revision
# from the supplied configuration running.
# +optional
# latest configuration. See ServiceSpec for more details.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Service, including name, namespace, labels,
# and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Service acts as a top-level container that manages a set of Routes and
# Configurations which implement a network service. Service exists to provide a
# singular abstraction which can be access controlled, reasoned about, and
# which encapsulates software lifecycle decisions such as rollout policy and
# team resource ownership. Service acts only as an orchestrator of the
# underlying Routes and Configurations (much as a kubernetes Deployment
# orchestrates ReplicaSets).
#
# The Service's controller will track the statuses of its owned Configuration
# and Route, reflecting their statuses and conditions as its own.
#
# See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#service
"status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the
# controller).
"domain": "A String", # From RouteStatus.
# Domain holds the top-level domain that will distribute traffic over the
# provided targets. It generally has the form
# https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app
"latestReadyRevisionName": "A String", # From ConfigurationStatus.
# LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Service's Configuration that has had its "Ready" condition become
# "True".
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that
# was last processed by the controller.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation and the Ready condition's status
# is True or False.
"traffic": [ # From RouteStatus.
# Traffic holds the configured traffic distribution.
# These entries will always contain RevisionName references.
# When ConfigurationName appears in the spec, this will hold the
# LatestReadyRevisionName that we last observed.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"address": { # Information for connecting over HTTP(s). # From RouteStatus.
# Similar to domain, information on where the service is available on HTTP.
"hostname": "A String",
},
"latestCreatedRevisionName": "A String", # From ConfigurationStatus.
# LatestCreatedRevisionName is the last revision that was created from this
# Service's Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ServiceCondition defines a readiness condition for a Service.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ServiceConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
#
# Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready"
# will be true when the underlying Route and Configuration are ready.
},
],
},
"kind": "A String", # The kind of resource, in this case "Service".
"spec": { # ServiceSpec holds the desired state of the Route (from the client), which # Spec holds the desired state of the Service (from the client).
# is used to manipulate the underlying Route and Configuration(s).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"manual": { # ServiceSpecManualType contains the options for configuring a manual service. # Manual contains the options for configuring a manual service. See
# ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
},
"pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The # Pins this service to a specific revision name. The revision must
# be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
# +optional
# revision must be owned by the configuration provided.
#
# Deprecated and not supported by Cloud Run.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisionName": "A String", # The revision name to pin this service to until changed
# to a different service type.
},
"traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative
# Revisions and Configurations. This will replace existing service specs
# (ServiceSpecRunLatest, ServiceSpecPinnedType, ServiceSpecReleaseType, and
# ServiceSpecManualType).
#
# Not currently supported by Cloud Run.
{ # TrafficTarget holds a single entry of the routing table for a Route.
"latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest
# ready Revision of the Configuration should be used for this traffic
# target. When provided LatestRevision must be true if RevisionName is
# empty; it must be false when RevisionName is non-empty.
#
# Not currently supported in Cloud Run.
# +optional
"name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this
# target exclusively.
#
# Not currently supported by Cloud Run.
# +optional
"url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL
# is displayed in status, and is disallowed on spec. URL must contain a
# scheme (e.g. http://) and a hostname, but may not contain anything else
# (e.g. basic auth, url path, etc.
#
# Not currently supported in Cloud Run.
"percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration.
# This defaults to zero if unspecified.
#
# Cloud Run currently requires 100 percent for a single ConfigurationName
# TrafficTarget entry.
"revisionName": "A String", # RevisionName of a specific revision to which to send this portion of
# traffic. This is mutually exclusive with ConfigurationName.
#
# Providing RevisionName in spec is not currently supported by Cloud Run.
"configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will
# send this portion of traffic. When the "status.latestReadyRevisionName"
# of the referenced configuration changes, we will automatically migrate
# traffic from the prior "latest ready" revision to the new one. This field
# is never set in Route's status, only its spec. This is mutually exclusive
# with RevisionName.
#
# Cloud Run currently supports a single ConfigurationName.
"tag": "A String", # Tag is optionally used to expose a dedicated url for referencing
# this target exclusively.
#
# Not currently supported in Cloud Run.
# +optional
},
],
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to
# be stamped out.
#
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. # Release enables gradual promotion of new revisions by allowing traffic
# to be split between two revisions. This type replaces the deprecated
# Pinned type.
#
# Not currently supported by Cloud Run.
# See ServiceSpec for more details.
#
# Not currently supported by Cloud Run.
"rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the
# candidate revision, i.e. the 2nd revision in the revisions list.
# Valid values are between 0 and 99 inclusive.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service. All revisions from this service must
# come from a single configuration.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current
# revision, and the second is the candidate revision. If a single revision
# is provided, traffic will be pinned at that revision.
#
# "@latest" is a shortcut for usage that refers to the latest created
# revision by the configuration.
"A String",
],
},
"runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the # RunLatest defines a simple Service. It will automatically
# configure a route that keeps the latest ready revision
# from the supplied configuration running.
# +optional
# latest configuration. See ServiceSpec for more details.
"configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the # The configuration for this service.
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map<string, Quantity> requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map<string, Quantity> limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Service, including name, namespace, labels,
# and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
}</pre>
</div>
</body></html>
Reference in New Issue View Git Blame Copy Permalink