1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="run_v1alpha1.html">Cloud Run Admin API</a> . <a href="run_v1alpha1.namespaces.html">namespaces</a> . <a href="run_v1alpha1.namespaces.services.html">services</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#close">close()</a></code></p> 79<p class="firstline">Close httplib2 connections.</p> 80<p class="toc_element"> 81 <code><a href="#create">create(parent, body=None, x__xgafv=None)</a></code></p> 82<p class="firstline">Rpc to create a service.</p> 83<p class="toc_element"> 84 <code><a href="#delete">delete(name, apiVersion=None, kind=None, orphanDependents=None, propagationPolicy=None, x__xgafv=None)</a></code></p> 85<p class="firstline">Rpc to delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.</p> 86<p class="toc_element"> 87 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 88<p class="firstline">Rpc to get information about a service.</p> 89<p class="toc_element"> 90 <code><a href="#list">list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)</a></code></p> 91<p class="firstline">Rpc to list services.</p> 92<p class="toc_element"> 93 <code><a href="#replaceService">replaceService(name, body=None, x__xgafv=None)</a></code></p> 94<p class="firstline">Rpc to replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.</p> 95<h3>Method Details</h3> 96<div class="method"> 97 <code class="details" id="close">close()</code> 98 <pre>Close httplib2 connections.</pre> 99</div> 100 101<div class="method"> 102 <code class="details" id="create">create(parent, body=None, x__xgafv=None)</code> 103 <pre>Rpc to create a service. 104 105Args: 106 parent: string, The project ID or project number in which this service should be created. (required) 107 body: object, The request body. 108 The object takes the form of: 109 110{ # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 111 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 112 "kind": "A String", # The kind of resource, in this case "Service". 113 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 114 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 115 "a_key": "A String", 116 }, 117 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 118 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 119 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 120 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 121 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 122 "A String", 123 ], 124 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 125 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 126 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 127 "a_key": "A String", 128 }, 129 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 130 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 131 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 132 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 133 "apiVersion": "A String", # API version of the referent. 134 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 135 "controller": True or False, # If true, this reference points to the managing controller. +optional 136 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 137 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 138 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 139 }, 140 ], 141 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 142 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 143 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 144 }, 145 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 146 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 147 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 148 }, 149 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 150 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 151 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 152 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 153 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 154 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 155 "a_key": "A String", 156 }, 157 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 158 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 159 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 160 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 161 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 162 "A String", 163 ], 164 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 165 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 166 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 167 "a_key": "A String", 168 }, 169 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 170 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 171 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 172 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 173 "apiVersion": "A String", # API version of the referent. 174 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 175 "controller": True or False, # If true, this reference points to the managing controller. +optional 176 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 177 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 178 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 179 }, 180 ], 181 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 182 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 183 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 184 }, 185 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 186 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 187 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 188 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 189 "A String", 190 ], 191 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 192 "A String", 193 ], 194 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 195 { # EnvVar represents an environment variable present in a Container. 196 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 197 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 198 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 199 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 200 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 201 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 202 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 203 }, 204 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 205 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 206 }, 207 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 208 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 209 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 210 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 211 }, 212 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 213 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 214 }, 215 }, 216 }, 217 ], 218 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 219 { # EnvFromSource represents the source of a set of ConfigMaps 220 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 221 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 222 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 223 }, 224 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 225 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 226 }, 227 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 228 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 229 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 230 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 231 }, 232 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 233 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 234 }, 235 }, 236 ], 237 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 238 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 239 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 240 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 241 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 242 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 243 "A String", 244 ], 245 }, 246 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 247 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 248 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 249 { # HTTPHeader describes a custom header to be used in HTTP probes 250 "name": "A String", # The header field name 251 "value": "A String", # The header field value 252 }, 253 ], 254 "path": "A String", # Path to access on the HTTP server. +optional 255 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 256 "intVal": 42, # The int value. 257 "strVal": "A String", # The string value. 258 "type": 42, # The type of the value. 259 }, 260 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 261 }, 262 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 263 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 264 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 265 "intVal": 42, # The int value. 266 "strVal": "A String", # The string value. 267 "type": 42, # The type of the value. 268 }, 269 }, 270 }, 271 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 272 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 273 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 274 "A String", 275 ], 276 }, 277 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 278 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 279 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 280 { # HTTPHeader describes a custom header to be used in HTTP probes 281 "name": "A String", # The header field name 282 "value": "A String", # The header field value 283 }, 284 ], 285 "path": "A String", # Path to access on the HTTP server. +optional 286 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 287 "intVal": 42, # The int value. 288 "strVal": "A String", # The string value. 289 "type": 42, # The type of the value. 290 }, 291 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 292 }, 293 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 294 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 295 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 296 "intVal": 42, # The int value. 297 "strVal": "A String", # The string value. 298 "type": 42, # The type of the value. 299 }, 300 }, 301 }, 302 }, 303 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 304 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 305 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 306 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 307 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 308 "A String", 309 ], 310 }, 311 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 312 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 313 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 314 { # HTTPHeader describes a custom header to be used in HTTP probes 315 "name": "A String", # The header field name 316 "value": "A String", # The header field value 317 }, 318 ], 319 "path": "A String", # Path to access on the HTTP server. +optional 320 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 321 "intVal": 42, # The int value. 322 "strVal": "A String", # The string value. 323 "type": 42, # The type of the value. 324 }, 325 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 326 }, 327 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 328 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 329 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 330 "intVal": 42, # The int value. 331 "strVal": "A String", # The string value. 332 "type": 42, # The type of the value. 333 }, 334 }, 335 }, 336 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 337 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 338 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 339 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 340 }, 341 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 342 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 343 { # ContainerPort represents a network port in a single container. 344 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 345 "hostIP": "A String", # What host IP to bind the external port to. +optional 346 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 347 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 348 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 349 }, 350 ], 351 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 352 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 353 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 354 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 355 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 356 "A String", 357 ], 358 }, 359 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 360 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 361 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 362 { # HTTPHeader describes a custom header to be used in HTTP probes 363 "name": "A String", # The header field name 364 "value": "A String", # The header field value 365 }, 366 ], 367 "path": "A String", # Path to access on the HTTP server. +optional 368 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 369 "intVal": 42, # The int value. 370 "strVal": "A String", # The string value. 371 "type": 42, # The type of the value. 372 }, 373 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 374 }, 375 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 376 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 377 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 378 "intVal": 42, # The int value. 379 "strVal": "A String", # The string value. 380 "type": 42, # The type of the value. 381 }, 382 }, 383 }, 384 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 385 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 386 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 387 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 388 }, 389 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 390 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 391 "a_key": "A String", 392 }, 393 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 394 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 395 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 396 }, 397 }, 398 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 399 "a_key": "A String", 400 }, 401 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 402 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 403 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 404 }, 405 }, 406 }, 407 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 408 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 409 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 410 "add": [ # Added capabilities +optional 411 "A String", 412 ], 413 "drop": [ # Removed capabilities +optional 414 "A String", 415 ], 416 }, 417 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 418 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 419 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 420 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 421 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 422 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 423 "level": "A String", # Level is SELinux level label that applies to the container. +optional 424 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 425 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 426 "user": "A String", # User is a SELinux user label that applies to the container. +optional 427 }, 428 }, 429 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 430 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 431 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 432 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 433 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 434 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 435 { # volumeDevice describes a mapping of a raw block device within a container. 436 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 437 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 438 }, 439 ], 440 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 441 { # VolumeMount describes a mounting of a Volume within a container. 442 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 443 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 444 "name": "A String", # This must match the Name of a Volume. 445 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 446 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 447 }, 448 ], 449 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 450 }, 451 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 452 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 453 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 454 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 455 "A String", 456 ], 457 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 458 "A String", 459 ], 460 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 461 { # EnvVar represents an environment variable present in a Container. 462 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 463 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 464 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 465 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 466 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 467 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 468 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 469 }, 470 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 471 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 472 }, 473 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 474 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 475 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 476 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 477 }, 478 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 479 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 480 }, 481 }, 482 }, 483 ], 484 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 485 { # EnvFromSource represents the source of a set of ConfigMaps 486 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 487 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 488 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 489 }, 490 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 491 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 492 }, 493 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 494 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 495 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 496 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 497 }, 498 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 499 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 500 }, 501 }, 502 ], 503 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 504 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 505 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 506 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 507 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 508 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 509 "A String", 510 ], 511 }, 512 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 513 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 514 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 515 { # HTTPHeader describes a custom header to be used in HTTP probes 516 "name": "A String", # The header field name 517 "value": "A String", # The header field value 518 }, 519 ], 520 "path": "A String", # Path to access on the HTTP server. +optional 521 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 522 "intVal": 42, # The int value. 523 "strVal": "A String", # The string value. 524 "type": 42, # The type of the value. 525 }, 526 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 527 }, 528 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 529 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 530 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 531 "intVal": 42, # The int value. 532 "strVal": "A String", # The string value. 533 "type": 42, # The type of the value. 534 }, 535 }, 536 }, 537 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 538 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 539 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 540 "A String", 541 ], 542 }, 543 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 544 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 545 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 546 { # HTTPHeader describes a custom header to be used in HTTP probes 547 "name": "A String", # The header field name 548 "value": "A String", # The header field value 549 }, 550 ], 551 "path": "A String", # Path to access on the HTTP server. +optional 552 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 553 "intVal": 42, # The int value. 554 "strVal": "A String", # The string value. 555 "type": 42, # The type of the value. 556 }, 557 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 558 }, 559 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 560 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 561 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 562 "intVal": 42, # The int value. 563 "strVal": "A String", # The string value. 564 "type": 42, # The type of the value. 565 }, 566 }, 567 }, 568 }, 569 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 570 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 571 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 572 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 573 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 574 "A String", 575 ], 576 }, 577 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 578 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 579 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 580 { # HTTPHeader describes a custom header to be used in HTTP probes 581 "name": "A String", # The header field name 582 "value": "A String", # The header field value 583 }, 584 ], 585 "path": "A String", # Path to access on the HTTP server. +optional 586 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 587 "intVal": 42, # The int value. 588 "strVal": "A String", # The string value. 589 "type": 42, # The type of the value. 590 }, 591 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 592 }, 593 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 594 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 595 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 596 "intVal": 42, # The int value. 597 "strVal": "A String", # The string value. 598 "type": 42, # The type of the value. 599 }, 600 }, 601 }, 602 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 603 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 604 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 605 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 606 }, 607 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 608 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 609 { # ContainerPort represents a network port in a single container. 610 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 611 "hostIP": "A String", # What host IP to bind the external port to. +optional 612 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 613 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 614 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 615 }, 616 ], 617 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 618 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 619 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 620 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 621 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 622 "A String", 623 ], 624 }, 625 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 626 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 627 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 628 { # HTTPHeader describes a custom header to be used in HTTP probes 629 "name": "A String", # The header field name 630 "value": "A String", # The header field value 631 }, 632 ], 633 "path": "A String", # Path to access on the HTTP server. +optional 634 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 635 "intVal": 42, # The int value. 636 "strVal": "A String", # The string value. 637 "type": 42, # The type of the value. 638 }, 639 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 640 }, 641 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 642 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 643 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 644 "intVal": 42, # The int value. 645 "strVal": "A String", # The string value. 646 "type": 42, # The type of the value. 647 }, 648 }, 649 }, 650 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 651 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 652 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 653 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 654 }, 655 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 656 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 657 "a_key": "A String", 658 }, 659 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 660 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 661 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 662 }, 663 }, 664 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 665 "a_key": "A String", 666 }, 667 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 668 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 669 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 670 }, 671 }, 672 }, 673 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 674 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 675 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 676 "add": [ # Added capabilities +optional 677 "A String", 678 ], 679 "drop": [ # Removed capabilities +optional 680 "A String", 681 ], 682 }, 683 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 684 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 685 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 686 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 687 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 688 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 689 "level": "A String", # Level is SELinux level label that applies to the container. +optional 690 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 691 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 692 "user": "A String", # User is a SELinux user label that applies to the container. +optional 693 }, 694 }, 695 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 696 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 697 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 698 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 699 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 700 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 701 { # volumeDevice describes a mapping of a raw block device within a container. 702 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 703 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 704 }, 705 ], 706 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 707 { # VolumeMount describes a mounting of a Volume within a container. 708 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 709 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 710 "name": "A String", # This must match the Name of a Volume. 711 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 712 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 713 }, 714 ], 715 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 716 }, 717 ], 718 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 719 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 720 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 721 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 722 "volumes": [ 723 { # Volume represents a named volume in a container. 724 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 725 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 726 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 727 { # Maps a string key to a path within a volume. 728 "key": "A String", # The key to project. 729 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 730 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 731 }, 732 ], 733 "name": "A String", # Name of the config. 734 "optional": True or False, # Specify whether the Secret or its keys must be defined. 735 }, 736 "name": "A String", # Volume's name. 737 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 738 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 739 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 740 { # Maps a string key to a path within a volume. 741 "key": "A String", # The key to project. 742 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 743 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 744 }, 745 ], 746 "optional": True or False, # Specify whether the Secret or its keys must be defined. 747 "secretName": "A String", # Name of the secret in the container's namespace to use. 748 }, 749 }, 750 ], 751 }, 752 }, 753 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 754 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 755 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 756 "a_key": "A String", 757 }, 758 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 759 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 760 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 761 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 762 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 763 "A String", 764 ], 765 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 766 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 767 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 768 "a_key": "A String", 769 }, 770 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 771 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 772 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 773 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 774 "apiVersion": "A String", # API version of the referent. 775 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 776 "controller": True or False, # If true, this reference points to the managing controller. +optional 777 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 778 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 779 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 780 }, 781 ], 782 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 783 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 784 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 785 }, 786 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 787 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 788 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 789 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 790 "A String", 791 ], 792 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 793 "A String", 794 ], 795 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 796 { # EnvVar represents an environment variable present in a Container. 797 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 798 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 799 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 800 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 801 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 802 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 803 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 804 }, 805 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 806 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 807 }, 808 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 809 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 810 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 811 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 812 }, 813 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 814 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 815 }, 816 }, 817 }, 818 ], 819 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 820 { # EnvFromSource represents the source of a set of ConfigMaps 821 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 822 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 823 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 824 }, 825 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 826 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 827 }, 828 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 829 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 830 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 831 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 832 }, 833 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 834 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 835 }, 836 }, 837 ], 838 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 839 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 840 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 841 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 842 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 843 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 844 "A String", 845 ], 846 }, 847 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 848 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 849 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 850 { # HTTPHeader describes a custom header to be used in HTTP probes 851 "name": "A String", # The header field name 852 "value": "A String", # The header field value 853 }, 854 ], 855 "path": "A String", # Path to access on the HTTP server. +optional 856 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 857 "intVal": 42, # The int value. 858 "strVal": "A String", # The string value. 859 "type": 42, # The type of the value. 860 }, 861 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 862 }, 863 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 864 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 865 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 866 "intVal": 42, # The int value. 867 "strVal": "A String", # The string value. 868 "type": 42, # The type of the value. 869 }, 870 }, 871 }, 872 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 873 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 874 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 875 "A String", 876 ], 877 }, 878 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 879 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 880 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 881 { # HTTPHeader describes a custom header to be used in HTTP probes 882 "name": "A String", # The header field name 883 "value": "A String", # The header field value 884 }, 885 ], 886 "path": "A String", # Path to access on the HTTP server. +optional 887 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 888 "intVal": 42, # The int value. 889 "strVal": "A String", # The string value. 890 "type": 42, # The type of the value. 891 }, 892 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 893 }, 894 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 895 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 896 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 897 "intVal": 42, # The int value. 898 "strVal": "A String", # The string value. 899 "type": 42, # The type of the value. 900 }, 901 }, 902 }, 903 }, 904 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 905 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 906 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 907 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 908 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 909 "A String", 910 ], 911 }, 912 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 913 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 914 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 915 { # HTTPHeader describes a custom header to be used in HTTP probes 916 "name": "A String", # The header field name 917 "value": "A String", # The header field value 918 }, 919 ], 920 "path": "A String", # Path to access on the HTTP server. +optional 921 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 922 "intVal": 42, # The int value. 923 "strVal": "A String", # The string value. 924 "type": 42, # The type of the value. 925 }, 926 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 927 }, 928 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 929 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 930 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 931 "intVal": 42, # The int value. 932 "strVal": "A String", # The string value. 933 "type": 42, # The type of the value. 934 }, 935 }, 936 }, 937 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 938 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 939 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 940 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 941 }, 942 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 943 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 944 { # ContainerPort represents a network port in a single container. 945 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 946 "hostIP": "A String", # What host IP to bind the external port to. +optional 947 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 948 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 949 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 950 }, 951 ], 952 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 953 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 954 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 955 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 956 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 957 "A String", 958 ], 959 }, 960 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 961 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 962 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 963 { # HTTPHeader describes a custom header to be used in HTTP probes 964 "name": "A String", # The header field name 965 "value": "A String", # The header field value 966 }, 967 ], 968 "path": "A String", # Path to access on the HTTP server. +optional 969 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 970 "intVal": 42, # The int value. 971 "strVal": "A String", # The string value. 972 "type": 42, # The type of the value. 973 }, 974 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 975 }, 976 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 977 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 978 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 979 "intVal": 42, # The int value. 980 "strVal": "A String", # The string value. 981 "type": 42, # The type of the value. 982 }, 983 }, 984 }, 985 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 986 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 987 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 988 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 989 }, 990 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 991 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 992 "a_key": "A String", 993 }, 994 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 995 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 996 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 997 }, 998 }, 999 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1000 "a_key": "A String", 1001 }, 1002 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1003 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1004 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1005 }, 1006 }, 1007 }, 1008 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1009 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1010 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1011 "add": [ # Added capabilities +optional 1012 "A String", 1013 ], 1014 "drop": [ # Removed capabilities +optional 1015 "A String", 1016 ], 1017 }, 1018 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1019 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1020 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1021 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1022 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1023 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1024 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1025 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1026 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1027 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1028 }, 1029 }, 1030 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1031 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1032 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1033 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1034 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1035 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1036 { # volumeDevice describes a mapping of a raw block device within a container. 1037 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1038 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1039 }, 1040 ], 1041 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1042 { # VolumeMount describes a mounting of a Volume within a container. 1043 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1044 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1045 "name": "A String", # This must match the Name of a Volume. 1046 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1047 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1048 }, 1049 ], 1050 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1051 }, 1052 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1053 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 1054 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 1055 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1056 "A String", 1057 ], 1058 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1059 "A String", 1060 ], 1061 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 1062 { # EnvVar represents an environment variable present in a Container. 1063 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1064 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 1065 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 1066 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 1067 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 1068 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1069 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1070 }, 1071 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 1072 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 1073 }, 1074 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 1075 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 1076 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1077 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1078 }, 1079 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 1080 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 1081 }, 1082 }, 1083 }, 1084 ], 1085 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 1086 { # EnvFromSource represents the source of a set of ConfigMaps 1087 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 1088 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1089 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1090 }, 1091 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 1092 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 1093 }, 1094 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 1095 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 1096 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1097 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1098 }, 1099 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 1100 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 1101 }, 1102 }, 1103 ], 1104 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1105 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 1106 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 1107 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1108 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1109 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1110 "A String", 1111 ], 1112 }, 1113 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1114 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1115 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1116 { # HTTPHeader describes a custom header to be used in HTTP probes 1117 "name": "A String", # The header field name 1118 "value": "A String", # The header field value 1119 }, 1120 ], 1121 "path": "A String", # Path to access on the HTTP server. +optional 1122 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1123 "intVal": 42, # The int value. 1124 "strVal": "A String", # The string value. 1125 "type": 42, # The type of the value. 1126 }, 1127 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1128 }, 1129 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1130 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1131 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1132 "intVal": 42, # The int value. 1133 "strVal": "A String", # The string value. 1134 "type": 42, # The type of the value. 1135 }, 1136 }, 1137 }, 1138 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1139 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1140 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1141 "A String", 1142 ], 1143 }, 1144 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1145 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1146 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1147 { # HTTPHeader describes a custom header to be used in HTTP probes 1148 "name": "A String", # The header field name 1149 "value": "A String", # The header field value 1150 }, 1151 ], 1152 "path": "A String", # Path to access on the HTTP server. +optional 1153 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1154 "intVal": 42, # The int value. 1155 "strVal": "A String", # The string value. 1156 "type": 42, # The type of the value. 1157 }, 1158 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1159 }, 1160 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1161 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1162 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1163 "intVal": 42, # The int value. 1164 "strVal": "A String", # The string value. 1165 "type": 42, # The type of the value. 1166 }, 1167 }, 1168 }, 1169 }, 1170 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1171 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1172 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1173 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1174 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1175 "A String", 1176 ], 1177 }, 1178 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1179 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1180 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1181 { # HTTPHeader describes a custom header to be used in HTTP probes 1182 "name": "A String", # The header field name 1183 "value": "A String", # The header field value 1184 }, 1185 ], 1186 "path": "A String", # Path to access on the HTTP server. +optional 1187 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1188 "intVal": 42, # The int value. 1189 "strVal": "A String", # The string value. 1190 "type": 42, # The type of the value. 1191 }, 1192 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1193 }, 1194 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1195 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1196 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1197 "intVal": 42, # The int value. 1198 "strVal": "A String", # The string value. 1199 "type": 42, # The type of the value. 1200 }, 1201 }, 1202 }, 1203 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1204 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1205 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1206 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1207 }, 1208 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 1209 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 1210 { # ContainerPort represents a network port in a single container. 1211 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1212 "hostIP": "A String", # What host IP to bind the external port to. +optional 1213 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 1214 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 1215 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 1216 }, 1217 ], 1218 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1219 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1220 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1221 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1222 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1223 "A String", 1224 ], 1225 }, 1226 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1227 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1228 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1229 { # HTTPHeader describes a custom header to be used in HTTP probes 1230 "name": "A String", # The header field name 1231 "value": "A String", # The header field value 1232 }, 1233 ], 1234 "path": "A String", # Path to access on the HTTP server. +optional 1235 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1236 "intVal": 42, # The int value. 1237 "strVal": "A String", # The string value. 1238 "type": 42, # The type of the value. 1239 }, 1240 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1241 }, 1242 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1243 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1244 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1245 "intVal": 42, # The int value. 1246 "strVal": "A String", # The string value. 1247 "type": 42, # The type of the value. 1248 }, 1249 }, 1250 }, 1251 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1252 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1253 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1254 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1255 }, 1256 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 1257 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1258 "a_key": "A String", 1259 }, 1260 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 1261 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1262 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1263 }, 1264 }, 1265 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1266 "a_key": "A String", 1267 }, 1268 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1269 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1270 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1271 }, 1272 }, 1273 }, 1274 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1275 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1276 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1277 "add": [ # Added capabilities +optional 1278 "A String", 1279 ], 1280 "drop": [ # Removed capabilities +optional 1281 "A String", 1282 ], 1283 }, 1284 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1285 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1286 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1287 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1288 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1289 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1290 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1291 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1292 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1293 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1294 }, 1295 }, 1296 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1297 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1298 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1299 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1300 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1301 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1302 { # volumeDevice describes a mapping of a raw block device within a container. 1303 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1304 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1305 }, 1306 ], 1307 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1308 { # VolumeMount describes a mounting of a Volume within a container. 1309 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1310 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1311 "name": "A String", # This must match the Name of a Volume. 1312 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1313 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1314 }, 1315 ], 1316 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1317 }, 1318 ], 1319 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 1320 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 1321 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 1322 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 1323 "volumes": [ 1324 { # Volume represents a named volume in a container. 1325 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 1326 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1327 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1328 { # Maps a string key to a path within a volume. 1329 "key": "A String", # The key to project. 1330 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1331 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1332 }, 1333 ], 1334 "name": "A String", # Name of the config. 1335 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1336 }, 1337 "name": "A String", # Volume's name. 1338 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 1339 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1340 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1341 { # Maps a string key to a path within a volume. 1342 "key": "A String", # The key to project. 1343 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1344 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1345 }, 1346 ], 1347 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1348 "secretName": "A String", # Name of the secret in the container's namespace to use. 1349 }, 1350 }, 1351 ], 1352 }, 1353 }, 1354 }, 1355 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 1356 }, 1357 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 1358 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 1359 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 1360 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 1361 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 1362 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 1363 "a_key": "A String", 1364 }, 1365 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 1366 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1367 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 1368 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1369 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 1370 "A String", 1371 ], 1372 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 1373 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 1374 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 1375 "a_key": "A String", 1376 }, 1377 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1378 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1379 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 1380 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1381 "apiVersion": "A String", # API version of the referent. 1382 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1383 "controller": True or False, # If true, this reference points to the managing controller. +optional 1384 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1385 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1386 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1387 }, 1388 ], 1389 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 1390 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 1391 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 1392 }, 1393 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 1394 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 1395 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 1396 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1397 "A String", 1398 ], 1399 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1400 "A String", 1401 ], 1402 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 1403 { # EnvVar represents an environment variable present in a Container. 1404 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1405 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 1406 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 1407 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 1408 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 1409 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1410 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1411 }, 1412 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 1413 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 1414 }, 1415 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 1416 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 1417 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1418 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1419 }, 1420 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 1421 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 1422 }, 1423 }, 1424 }, 1425 ], 1426 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 1427 { # EnvFromSource represents the source of a set of ConfigMaps 1428 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 1429 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1430 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1431 }, 1432 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 1433 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 1434 }, 1435 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 1436 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 1437 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1438 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1439 }, 1440 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 1441 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 1442 }, 1443 }, 1444 ], 1445 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1446 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 1447 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 1448 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1449 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1450 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1451 "A String", 1452 ], 1453 }, 1454 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1455 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1456 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1457 { # HTTPHeader describes a custom header to be used in HTTP probes 1458 "name": "A String", # The header field name 1459 "value": "A String", # The header field value 1460 }, 1461 ], 1462 "path": "A String", # Path to access on the HTTP server. +optional 1463 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1464 "intVal": 42, # The int value. 1465 "strVal": "A String", # The string value. 1466 "type": 42, # The type of the value. 1467 }, 1468 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1469 }, 1470 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1471 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1472 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1473 "intVal": 42, # The int value. 1474 "strVal": "A String", # The string value. 1475 "type": 42, # The type of the value. 1476 }, 1477 }, 1478 }, 1479 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1480 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1481 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1482 "A String", 1483 ], 1484 }, 1485 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1486 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1487 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1488 { # HTTPHeader describes a custom header to be used in HTTP probes 1489 "name": "A String", # The header field name 1490 "value": "A String", # The header field value 1491 }, 1492 ], 1493 "path": "A String", # Path to access on the HTTP server. +optional 1494 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1495 "intVal": 42, # The int value. 1496 "strVal": "A String", # The string value. 1497 "type": 42, # The type of the value. 1498 }, 1499 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1500 }, 1501 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1502 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1503 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1504 "intVal": 42, # The int value. 1505 "strVal": "A String", # The string value. 1506 "type": 42, # The type of the value. 1507 }, 1508 }, 1509 }, 1510 }, 1511 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1512 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1513 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1514 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1515 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1516 "A String", 1517 ], 1518 }, 1519 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1520 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1521 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1522 { # HTTPHeader describes a custom header to be used in HTTP probes 1523 "name": "A String", # The header field name 1524 "value": "A String", # The header field value 1525 }, 1526 ], 1527 "path": "A String", # Path to access on the HTTP server. +optional 1528 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1529 "intVal": 42, # The int value. 1530 "strVal": "A String", # The string value. 1531 "type": 42, # The type of the value. 1532 }, 1533 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1534 }, 1535 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1536 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1537 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1538 "intVal": 42, # The int value. 1539 "strVal": "A String", # The string value. 1540 "type": 42, # The type of the value. 1541 }, 1542 }, 1543 }, 1544 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1545 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1546 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1547 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1548 }, 1549 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 1550 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 1551 { # ContainerPort represents a network port in a single container. 1552 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1553 "hostIP": "A String", # What host IP to bind the external port to. +optional 1554 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 1555 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 1556 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 1557 }, 1558 ], 1559 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1560 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1561 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1562 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1563 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1564 "A String", 1565 ], 1566 }, 1567 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1568 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1569 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1570 { # HTTPHeader describes a custom header to be used in HTTP probes 1571 "name": "A String", # The header field name 1572 "value": "A String", # The header field value 1573 }, 1574 ], 1575 "path": "A String", # Path to access on the HTTP server. +optional 1576 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1577 "intVal": 42, # The int value. 1578 "strVal": "A String", # The string value. 1579 "type": 42, # The type of the value. 1580 }, 1581 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1582 }, 1583 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1584 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1585 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1586 "intVal": 42, # The int value. 1587 "strVal": "A String", # The string value. 1588 "type": 42, # The type of the value. 1589 }, 1590 }, 1591 }, 1592 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1593 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1594 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1595 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1596 }, 1597 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 1598 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1599 "a_key": "A String", 1600 }, 1601 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 1602 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1603 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1604 }, 1605 }, 1606 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1607 "a_key": "A String", 1608 }, 1609 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1610 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1611 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1612 }, 1613 }, 1614 }, 1615 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1616 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1617 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1618 "add": [ # Added capabilities +optional 1619 "A String", 1620 ], 1621 "drop": [ # Removed capabilities +optional 1622 "A String", 1623 ], 1624 }, 1625 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1626 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1627 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1628 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1629 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1630 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1631 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1632 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1633 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1634 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1635 }, 1636 }, 1637 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1638 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1639 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1640 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1641 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1642 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1643 { # volumeDevice describes a mapping of a raw block device within a container. 1644 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1645 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1646 }, 1647 ], 1648 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1649 { # VolumeMount describes a mounting of a Volume within a container. 1650 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1651 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1652 "name": "A String", # This must match the Name of a Volume. 1653 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1654 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1655 }, 1656 ], 1657 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1658 }, 1659 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1660 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 1661 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 1662 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1663 "A String", 1664 ], 1665 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1666 "A String", 1667 ], 1668 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 1669 { # EnvVar represents an environment variable present in a Container. 1670 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1671 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 1672 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 1673 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 1674 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 1675 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1676 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1677 }, 1678 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 1679 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 1680 }, 1681 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 1682 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 1683 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1684 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1685 }, 1686 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 1687 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 1688 }, 1689 }, 1690 }, 1691 ], 1692 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 1693 { # EnvFromSource represents the source of a set of ConfigMaps 1694 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 1695 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1696 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1697 }, 1698 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 1699 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 1700 }, 1701 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 1702 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 1703 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1704 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1705 }, 1706 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 1707 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 1708 }, 1709 }, 1710 ], 1711 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1712 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 1713 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 1714 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1715 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1716 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1717 "A String", 1718 ], 1719 }, 1720 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1721 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1722 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1723 { # HTTPHeader describes a custom header to be used in HTTP probes 1724 "name": "A String", # The header field name 1725 "value": "A String", # The header field value 1726 }, 1727 ], 1728 "path": "A String", # Path to access on the HTTP server. +optional 1729 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1730 "intVal": 42, # The int value. 1731 "strVal": "A String", # The string value. 1732 "type": 42, # The type of the value. 1733 }, 1734 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1735 }, 1736 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1737 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1738 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1739 "intVal": 42, # The int value. 1740 "strVal": "A String", # The string value. 1741 "type": 42, # The type of the value. 1742 }, 1743 }, 1744 }, 1745 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1746 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1747 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1748 "A String", 1749 ], 1750 }, 1751 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1752 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1753 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1754 { # HTTPHeader describes a custom header to be used in HTTP probes 1755 "name": "A String", # The header field name 1756 "value": "A String", # The header field value 1757 }, 1758 ], 1759 "path": "A String", # Path to access on the HTTP server. +optional 1760 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1761 "intVal": 42, # The int value. 1762 "strVal": "A String", # The string value. 1763 "type": 42, # The type of the value. 1764 }, 1765 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1766 }, 1767 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1768 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1769 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1770 "intVal": 42, # The int value. 1771 "strVal": "A String", # The string value. 1772 "type": 42, # The type of the value. 1773 }, 1774 }, 1775 }, 1776 }, 1777 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1778 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1779 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1780 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1781 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1782 "A String", 1783 ], 1784 }, 1785 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1786 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1787 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1788 { # HTTPHeader describes a custom header to be used in HTTP probes 1789 "name": "A String", # The header field name 1790 "value": "A String", # The header field value 1791 }, 1792 ], 1793 "path": "A String", # Path to access on the HTTP server. +optional 1794 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1795 "intVal": 42, # The int value. 1796 "strVal": "A String", # The string value. 1797 "type": 42, # The type of the value. 1798 }, 1799 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1800 }, 1801 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1802 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1803 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1804 "intVal": 42, # The int value. 1805 "strVal": "A String", # The string value. 1806 "type": 42, # The type of the value. 1807 }, 1808 }, 1809 }, 1810 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1811 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1812 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1813 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1814 }, 1815 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 1816 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 1817 { # ContainerPort represents a network port in a single container. 1818 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1819 "hostIP": "A String", # What host IP to bind the external port to. +optional 1820 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 1821 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 1822 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 1823 }, 1824 ], 1825 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1826 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1827 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1828 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1829 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1830 "A String", 1831 ], 1832 }, 1833 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1834 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1835 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1836 { # HTTPHeader describes a custom header to be used in HTTP probes 1837 "name": "A String", # The header field name 1838 "value": "A String", # The header field value 1839 }, 1840 ], 1841 "path": "A String", # Path to access on the HTTP server. +optional 1842 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1843 "intVal": 42, # The int value. 1844 "strVal": "A String", # The string value. 1845 "type": 42, # The type of the value. 1846 }, 1847 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1848 }, 1849 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1850 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1851 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1852 "intVal": 42, # The int value. 1853 "strVal": "A String", # The string value. 1854 "type": 42, # The type of the value. 1855 }, 1856 }, 1857 }, 1858 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1859 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1860 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1861 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1862 }, 1863 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 1864 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1865 "a_key": "A String", 1866 }, 1867 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 1868 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1869 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1870 }, 1871 }, 1872 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1873 "a_key": "A String", 1874 }, 1875 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1876 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1877 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1878 }, 1879 }, 1880 }, 1881 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1882 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1883 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1884 "add": [ # Added capabilities +optional 1885 "A String", 1886 ], 1887 "drop": [ # Removed capabilities +optional 1888 "A String", 1889 ], 1890 }, 1891 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1892 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1893 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1894 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1895 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1896 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1897 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1898 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1899 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1900 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1901 }, 1902 }, 1903 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1904 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1905 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1906 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1907 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1908 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1909 { # volumeDevice describes a mapping of a raw block device within a container. 1910 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1911 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1912 }, 1913 ], 1914 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1915 { # VolumeMount describes a mounting of a Volume within a container. 1916 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1917 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1918 "name": "A String", # This must match the Name of a Volume. 1919 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1920 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1921 }, 1922 ], 1923 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1924 }, 1925 ], 1926 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 1927 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 1928 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 1929 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 1930 "volumes": [ 1931 { # Volume represents a named volume in a container. 1932 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 1933 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1934 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1935 { # Maps a string key to a path within a volume. 1936 "key": "A String", # The key to project. 1937 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1938 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1939 }, 1940 ], 1941 "name": "A String", # Name of the config. 1942 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1943 }, 1944 "name": "A String", # Volume's name. 1945 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 1946 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1947 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1948 { # Maps a string key to a path within a volume. 1949 "key": "A String", # The key to project. 1950 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1951 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1952 }, 1953 ], 1954 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1955 "secretName": "A String", # Name of the secret in the container's namespace to use. 1956 }, 1957 }, 1958 ], 1959 }, 1960 }, 1961 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 1962 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 1963 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 1964 "a_key": "A String", 1965 }, 1966 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 1967 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1968 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 1969 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1970 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 1971 "A String", 1972 ], 1973 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 1974 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 1975 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 1976 "a_key": "A String", 1977 }, 1978 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1979 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1980 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 1981 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1982 "apiVersion": "A String", # API version of the referent. 1983 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1984 "controller": True or False, # If true, this reference points to the managing controller. +optional 1985 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1986 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1987 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1988 }, 1989 ], 1990 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 1991 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 1992 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 1993 }, 1994 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 1995 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 1996 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 1997 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1998 "A String", 1999 ], 2000 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2001 "A String", 2002 ], 2003 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2004 { # EnvVar represents an environment variable present in a Container. 2005 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2006 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2007 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2008 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2009 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2010 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2011 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2012 }, 2013 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2014 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2015 }, 2016 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2017 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2018 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2019 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2020 }, 2021 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2022 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2023 }, 2024 }, 2025 }, 2026 ], 2027 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2028 { # EnvFromSource represents the source of a set of ConfigMaps 2029 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2030 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2031 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2032 }, 2033 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2034 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2035 }, 2036 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2037 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2038 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2039 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2040 }, 2041 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2042 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2043 }, 2044 }, 2045 ], 2046 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2047 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2048 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2049 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2050 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2051 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2052 "A String", 2053 ], 2054 }, 2055 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2056 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2057 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2058 { # HTTPHeader describes a custom header to be used in HTTP probes 2059 "name": "A String", # The header field name 2060 "value": "A String", # The header field value 2061 }, 2062 ], 2063 "path": "A String", # Path to access on the HTTP server. +optional 2064 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2065 "intVal": 42, # The int value. 2066 "strVal": "A String", # The string value. 2067 "type": 42, # The type of the value. 2068 }, 2069 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2070 }, 2071 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2072 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2073 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2074 "intVal": 42, # The int value. 2075 "strVal": "A String", # The string value. 2076 "type": 42, # The type of the value. 2077 }, 2078 }, 2079 }, 2080 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2081 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2082 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2083 "A String", 2084 ], 2085 }, 2086 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2087 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2088 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2089 { # HTTPHeader describes a custom header to be used in HTTP probes 2090 "name": "A String", # The header field name 2091 "value": "A String", # The header field value 2092 }, 2093 ], 2094 "path": "A String", # Path to access on the HTTP server. +optional 2095 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2096 "intVal": 42, # The int value. 2097 "strVal": "A String", # The string value. 2098 "type": 42, # The type of the value. 2099 }, 2100 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2101 }, 2102 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2103 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2104 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2105 "intVal": 42, # The int value. 2106 "strVal": "A String", # The string value. 2107 "type": 42, # The type of the value. 2108 }, 2109 }, 2110 }, 2111 }, 2112 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2113 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2114 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2115 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2116 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2117 "A String", 2118 ], 2119 }, 2120 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2121 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2122 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2123 { # HTTPHeader describes a custom header to be used in HTTP probes 2124 "name": "A String", # The header field name 2125 "value": "A String", # The header field value 2126 }, 2127 ], 2128 "path": "A String", # Path to access on the HTTP server. +optional 2129 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2130 "intVal": 42, # The int value. 2131 "strVal": "A String", # The string value. 2132 "type": 42, # The type of the value. 2133 }, 2134 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2135 }, 2136 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2137 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2138 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2139 "intVal": 42, # The int value. 2140 "strVal": "A String", # The string value. 2141 "type": 42, # The type of the value. 2142 }, 2143 }, 2144 }, 2145 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2146 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2147 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2148 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2149 }, 2150 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 2151 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 2152 { # ContainerPort represents a network port in a single container. 2153 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 2154 "hostIP": "A String", # What host IP to bind the external port to. +optional 2155 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 2156 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 2157 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 2158 }, 2159 ], 2160 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2161 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2162 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2163 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2164 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2165 "A String", 2166 ], 2167 }, 2168 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2169 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2170 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2171 { # HTTPHeader describes a custom header to be used in HTTP probes 2172 "name": "A String", # The header field name 2173 "value": "A String", # The header field value 2174 }, 2175 ], 2176 "path": "A String", # Path to access on the HTTP server. +optional 2177 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2178 "intVal": 42, # The int value. 2179 "strVal": "A String", # The string value. 2180 "type": 42, # The type of the value. 2181 }, 2182 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2183 }, 2184 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2185 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2186 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2187 "intVal": 42, # The int value. 2188 "strVal": "A String", # The string value. 2189 "type": 42, # The type of the value. 2190 }, 2191 }, 2192 }, 2193 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2194 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2195 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2196 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2197 }, 2198 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 2199 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2200 "a_key": "A String", 2201 }, 2202 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 2203 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2204 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2205 }, 2206 }, 2207 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2208 "a_key": "A String", 2209 }, 2210 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 2211 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2212 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2213 }, 2214 }, 2215 }, 2216 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 2217 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 2218 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 2219 "add": [ # Added capabilities +optional 2220 "A String", 2221 ], 2222 "drop": [ # Removed capabilities +optional 2223 "A String", 2224 ], 2225 }, 2226 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 2227 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 2228 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2229 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2230 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2231 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2232 "level": "A String", # Level is SELinux level label that applies to the container. +optional 2233 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 2234 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 2235 "user": "A String", # User is a SELinux user label that applies to the container. +optional 2236 }, 2237 }, 2238 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 2239 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 2240 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 2241 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 2242 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 2243 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 2244 { # volumeDevice describes a mapping of a raw block device within a container. 2245 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 2246 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 2247 }, 2248 ], 2249 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 2250 { # VolumeMount describes a mounting of a Volume within a container. 2251 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 2252 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 2253 "name": "A String", # This must match the Name of a Volume. 2254 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 2255 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 2256 }, 2257 ], 2258 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 2259 }, 2260 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 2261 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 2262 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 2263 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2264 "A String", 2265 ], 2266 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2267 "A String", 2268 ], 2269 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2270 { # EnvVar represents an environment variable present in a Container. 2271 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2272 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2273 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2274 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2275 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2276 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2277 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2278 }, 2279 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2280 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2281 }, 2282 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2283 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2284 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2285 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2286 }, 2287 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2288 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2289 }, 2290 }, 2291 }, 2292 ], 2293 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2294 { # EnvFromSource represents the source of a set of ConfigMaps 2295 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2296 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2297 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2298 }, 2299 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2300 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2301 }, 2302 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2303 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2304 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2305 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2306 }, 2307 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2308 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2309 }, 2310 }, 2311 ], 2312 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2313 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2314 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2315 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2316 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2317 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2318 "A String", 2319 ], 2320 }, 2321 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2322 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2323 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2324 { # HTTPHeader describes a custom header to be used in HTTP probes 2325 "name": "A String", # The header field name 2326 "value": "A String", # The header field value 2327 }, 2328 ], 2329 "path": "A String", # Path to access on the HTTP server. +optional 2330 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2331 "intVal": 42, # The int value. 2332 "strVal": "A String", # The string value. 2333 "type": 42, # The type of the value. 2334 }, 2335 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2336 }, 2337 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2338 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2339 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2340 "intVal": 42, # The int value. 2341 "strVal": "A String", # The string value. 2342 "type": 42, # The type of the value. 2343 }, 2344 }, 2345 }, 2346 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2347 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2348 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2349 "A String", 2350 ], 2351 }, 2352 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2353 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2354 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2355 { # HTTPHeader describes a custom header to be used in HTTP probes 2356 "name": "A String", # The header field name 2357 "value": "A String", # The header field value 2358 }, 2359 ], 2360 "path": "A String", # Path to access on the HTTP server. +optional 2361 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2362 "intVal": 42, # The int value. 2363 "strVal": "A String", # The string value. 2364 "type": 42, # The type of the value. 2365 }, 2366 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2367 }, 2368 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2369 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2370 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2371 "intVal": 42, # The int value. 2372 "strVal": "A String", # The string value. 2373 "type": 42, # The type of the value. 2374 }, 2375 }, 2376 }, 2377 }, 2378 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2379 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2380 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2381 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2382 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2383 "A String", 2384 ], 2385 }, 2386 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2387 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2388 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2389 { # HTTPHeader describes a custom header to be used in HTTP probes 2390 "name": "A String", # The header field name 2391 "value": "A String", # The header field value 2392 }, 2393 ], 2394 "path": "A String", # Path to access on the HTTP server. +optional 2395 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2396 "intVal": 42, # The int value. 2397 "strVal": "A String", # The string value. 2398 "type": 42, # The type of the value. 2399 }, 2400 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2401 }, 2402 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2403 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2404 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2405 "intVal": 42, # The int value. 2406 "strVal": "A String", # The string value. 2407 "type": 42, # The type of the value. 2408 }, 2409 }, 2410 }, 2411 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2412 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2413 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2414 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2415 }, 2416 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 2417 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 2418 { # ContainerPort represents a network port in a single container. 2419 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 2420 "hostIP": "A String", # What host IP to bind the external port to. +optional 2421 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 2422 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 2423 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 2424 }, 2425 ], 2426 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2427 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2428 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2429 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2430 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2431 "A String", 2432 ], 2433 }, 2434 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2435 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2436 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2437 { # HTTPHeader describes a custom header to be used in HTTP probes 2438 "name": "A String", # The header field name 2439 "value": "A String", # The header field value 2440 }, 2441 ], 2442 "path": "A String", # Path to access on the HTTP server. +optional 2443 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2444 "intVal": 42, # The int value. 2445 "strVal": "A String", # The string value. 2446 "type": 42, # The type of the value. 2447 }, 2448 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2449 }, 2450 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2451 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2452 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2453 "intVal": 42, # The int value. 2454 "strVal": "A String", # The string value. 2455 "type": 42, # The type of the value. 2456 }, 2457 }, 2458 }, 2459 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2460 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2461 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2462 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2463 }, 2464 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 2465 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2466 "a_key": "A String", 2467 }, 2468 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 2469 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2470 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2471 }, 2472 }, 2473 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2474 "a_key": "A String", 2475 }, 2476 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 2477 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2478 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2479 }, 2480 }, 2481 }, 2482 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 2483 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 2484 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 2485 "add": [ # Added capabilities +optional 2486 "A String", 2487 ], 2488 "drop": [ # Removed capabilities +optional 2489 "A String", 2490 ], 2491 }, 2492 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 2493 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 2494 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2495 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2496 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2497 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2498 "level": "A String", # Level is SELinux level label that applies to the container. +optional 2499 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 2500 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 2501 "user": "A String", # User is a SELinux user label that applies to the container. +optional 2502 }, 2503 }, 2504 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 2505 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 2506 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 2507 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 2508 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 2509 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 2510 { # volumeDevice describes a mapping of a raw block device within a container. 2511 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 2512 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 2513 }, 2514 ], 2515 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 2516 { # VolumeMount describes a mounting of a Volume within a container. 2517 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 2518 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 2519 "name": "A String", # This must match the Name of a Volume. 2520 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 2521 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 2522 }, 2523 ], 2524 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 2525 }, 2526 ], 2527 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 2528 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 2529 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 2530 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 2531 "volumes": [ 2532 { # Volume represents a named volume in a container. 2533 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 2534 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2535 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 2536 { # Maps a string key to a path within a volume. 2537 "key": "A String", # The key to project. 2538 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 2539 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2540 }, 2541 ], 2542 "name": "A String", # Name of the config. 2543 "optional": True or False, # Specify whether the Secret or its keys must be defined. 2544 }, 2545 "name": "A String", # Volume's name. 2546 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 2547 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2548 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 2549 { # Maps a string key to a path within a volume. 2550 "key": "A String", # The key to project. 2551 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 2552 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2553 }, 2554 ], 2555 "optional": True or False, # Specify whether the Secret or its keys must be defined. 2556 "secretName": "A String", # Name of the secret in the container's namespace to use. 2557 }, 2558 }, 2559 ], 2560 }, 2561 }, 2562 }, 2563 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 2564 "A String", 2565 ], 2566 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 2567 }, 2568 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 2569 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 2570 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 2571 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 2572 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 2573 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 2574 "a_key": "A String", 2575 }, 2576 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 2577 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 2578 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 2579 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 2580 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 2581 "A String", 2582 ], 2583 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 2584 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 2585 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 2586 "a_key": "A String", 2587 }, 2588 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 2589 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 2590 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 2591 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 2592 "apiVersion": "A String", # API version of the referent. 2593 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 2594 "controller": True or False, # If true, this reference points to the managing controller. +optional 2595 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2596 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 2597 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 2598 }, 2599 ], 2600 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 2601 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 2602 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 2603 }, 2604 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 2605 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 2606 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 2607 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2608 "A String", 2609 ], 2610 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2611 "A String", 2612 ], 2613 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2614 { # EnvVar represents an environment variable present in a Container. 2615 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2616 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2617 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2618 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2619 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2620 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2621 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2622 }, 2623 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2624 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2625 }, 2626 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2627 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2628 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2629 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2630 }, 2631 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2632 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2633 }, 2634 }, 2635 }, 2636 ], 2637 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2638 { # EnvFromSource represents the source of a set of ConfigMaps 2639 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2640 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2641 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2642 }, 2643 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2644 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2645 }, 2646 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2647 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2648 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2649 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2650 }, 2651 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2652 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2653 }, 2654 }, 2655 ], 2656 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2657 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2658 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2659 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2660 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2661 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2662 "A String", 2663 ], 2664 }, 2665 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2666 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2667 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2668 { # HTTPHeader describes a custom header to be used in HTTP probes 2669 "name": "A String", # The header field name 2670 "value": "A String", # The header field value 2671 }, 2672 ], 2673 "path": "A String", # Path to access on the HTTP server. +optional 2674 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2675 "intVal": 42, # The int value. 2676 "strVal": "A String", # The string value. 2677 "type": 42, # The type of the value. 2678 }, 2679 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2680 }, 2681 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2682 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2683 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2684 "intVal": 42, # The int value. 2685 "strVal": "A String", # The string value. 2686 "type": 42, # The type of the value. 2687 }, 2688 }, 2689 }, 2690 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2691 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2692 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2693 "A String", 2694 ], 2695 }, 2696 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2697 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2698 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2699 { # HTTPHeader describes a custom header to be used in HTTP probes 2700 "name": "A String", # The header field name 2701 "value": "A String", # The header field value 2702 }, 2703 ], 2704 "path": "A String", # Path to access on the HTTP server. +optional 2705 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2706 "intVal": 42, # The int value. 2707 "strVal": "A String", # The string value. 2708 "type": 42, # The type of the value. 2709 }, 2710 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2711 }, 2712 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2713 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2714 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2715 "intVal": 42, # The int value. 2716 "strVal": "A String", # The string value. 2717 "type": 42, # The type of the value. 2718 }, 2719 }, 2720 }, 2721 }, 2722 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2723 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2724 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2725 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2726 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2727 "A String", 2728 ], 2729 }, 2730 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2731 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2732 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2733 { # HTTPHeader describes a custom header to be used in HTTP probes 2734 "name": "A String", # The header field name 2735 "value": "A String", # The header field value 2736 }, 2737 ], 2738 "path": "A String", # Path to access on the HTTP server. +optional 2739 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2740 "intVal": 42, # The int value. 2741 "strVal": "A String", # The string value. 2742 "type": 42, # The type of the value. 2743 }, 2744 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2745 }, 2746 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2747 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2748 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2749 "intVal": 42, # The int value. 2750 "strVal": "A String", # The string value. 2751 "type": 42, # The type of the value. 2752 }, 2753 }, 2754 }, 2755 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2756 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2757 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2758 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2759 }, 2760 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 2761 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 2762 { # ContainerPort represents a network port in a single container. 2763 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 2764 "hostIP": "A String", # What host IP to bind the external port to. +optional 2765 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 2766 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 2767 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 2768 }, 2769 ], 2770 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2771 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2772 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2773 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2774 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2775 "A String", 2776 ], 2777 }, 2778 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2779 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2780 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2781 { # HTTPHeader describes a custom header to be used in HTTP probes 2782 "name": "A String", # The header field name 2783 "value": "A String", # The header field value 2784 }, 2785 ], 2786 "path": "A String", # Path to access on the HTTP server. +optional 2787 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2788 "intVal": 42, # The int value. 2789 "strVal": "A String", # The string value. 2790 "type": 42, # The type of the value. 2791 }, 2792 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2793 }, 2794 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2795 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2796 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2797 "intVal": 42, # The int value. 2798 "strVal": "A String", # The string value. 2799 "type": 42, # The type of the value. 2800 }, 2801 }, 2802 }, 2803 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2804 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2805 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2806 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2807 }, 2808 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 2809 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2810 "a_key": "A String", 2811 }, 2812 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 2813 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2814 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2815 }, 2816 }, 2817 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2818 "a_key": "A String", 2819 }, 2820 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 2821 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2822 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2823 }, 2824 }, 2825 }, 2826 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 2827 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 2828 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 2829 "add": [ # Added capabilities +optional 2830 "A String", 2831 ], 2832 "drop": [ # Removed capabilities +optional 2833 "A String", 2834 ], 2835 }, 2836 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 2837 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 2838 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2839 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2840 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2841 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2842 "level": "A String", # Level is SELinux level label that applies to the container. +optional 2843 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 2844 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 2845 "user": "A String", # User is a SELinux user label that applies to the container. +optional 2846 }, 2847 }, 2848 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 2849 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 2850 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 2851 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 2852 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 2853 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 2854 { # volumeDevice describes a mapping of a raw block device within a container. 2855 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 2856 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 2857 }, 2858 ], 2859 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 2860 { # VolumeMount describes a mounting of a Volume within a container. 2861 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 2862 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 2863 "name": "A String", # This must match the Name of a Volume. 2864 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 2865 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 2866 }, 2867 ], 2868 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 2869 }, 2870 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 2871 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 2872 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 2873 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2874 "A String", 2875 ], 2876 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2877 "A String", 2878 ], 2879 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2880 { # EnvVar represents an environment variable present in a Container. 2881 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2882 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2883 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2884 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2885 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2886 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2887 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2888 }, 2889 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2890 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2891 }, 2892 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2893 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2894 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2895 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2896 }, 2897 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2898 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2899 }, 2900 }, 2901 }, 2902 ], 2903 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2904 { # EnvFromSource represents the source of a set of ConfigMaps 2905 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2906 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2907 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2908 }, 2909 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2910 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2911 }, 2912 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2913 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2914 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2915 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2916 }, 2917 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2918 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2919 }, 2920 }, 2921 ], 2922 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2923 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2924 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2925 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2926 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2927 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2928 "A String", 2929 ], 2930 }, 2931 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2932 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2933 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2934 { # HTTPHeader describes a custom header to be used in HTTP probes 2935 "name": "A String", # The header field name 2936 "value": "A String", # The header field value 2937 }, 2938 ], 2939 "path": "A String", # Path to access on the HTTP server. +optional 2940 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2941 "intVal": 42, # The int value. 2942 "strVal": "A String", # The string value. 2943 "type": 42, # The type of the value. 2944 }, 2945 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2946 }, 2947 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2948 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2949 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2950 "intVal": 42, # The int value. 2951 "strVal": "A String", # The string value. 2952 "type": 42, # The type of the value. 2953 }, 2954 }, 2955 }, 2956 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2957 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2958 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2959 "A String", 2960 ], 2961 }, 2962 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2963 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2964 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2965 { # HTTPHeader describes a custom header to be used in HTTP probes 2966 "name": "A String", # The header field name 2967 "value": "A String", # The header field value 2968 }, 2969 ], 2970 "path": "A String", # Path to access on the HTTP server. +optional 2971 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2972 "intVal": 42, # The int value. 2973 "strVal": "A String", # The string value. 2974 "type": 42, # The type of the value. 2975 }, 2976 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2977 }, 2978 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2979 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2980 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2981 "intVal": 42, # The int value. 2982 "strVal": "A String", # The string value. 2983 "type": 42, # The type of the value. 2984 }, 2985 }, 2986 }, 2987 }, 2988 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2989 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2990 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2991 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2992 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2993 "A String", 2994 ], 2995 }, 2996 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2997 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2998 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2999 { # HTTPHeader describes a custom header to be used in HTTP probes 3000 "name": "A String", # The header field name 3001 "value": "A String", # The header field value 3002 }, 3003 ], 3004 "path": "A String", # Path to access on the HTTP server. +optional 3005 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3006 "intVal": 42, # The int value. 3007 "strVal": "A String", # The string value. 3008 "type": 42, # The type of the value. 3009 }, 3010 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3011 }, 3012 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3013 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3014 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3015 "intVal": 42, # The int value. 3016 "strVal": "A String", # The string value. 3017 "type": 42, # The type of the value. 3018 }, 3019 }, 3020 }, 3021 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3022 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3023 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3024 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3025 }, 3026 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3027 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3028 { # ContainerPort represents a network port in a single container. 3029 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3030 "hostIP": "A String", # What host IP to bind the external port to. +optional 3031 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3032 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3033 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3034 }, 3035 ], 3036 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3037 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3038 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3039 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3040 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3041 "A String", 3042 ], 3043 }, 3044 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3045 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3046 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3047 { # HTTPHeader describes a custom header to be used in HTTP probes 3048 "name": "A String", # The header field name 3049 "value": "A String", # The header field value 3050 }, 3051 ], 3052 "path": "A String", # Path to access on the HTTP server. +optional 3053 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3054 "intVal": 42, # The int value. 3055 "strVal": "A String", # The string value. 3056 "type": 42, # The type of the value. 3057 }, 3058 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3059 }, 3060 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3061 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3062 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3063 "intVal": 42, # The int value. 3064 "strVal": "A String", # The string value. 3065 "type": 42, # The type of the value. 3066 }, 3067 }, 3068 }, 3069 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3070 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3071 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3072 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3073 }, 3074 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 3075 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3076 "a_key": "A String", 3077 }, 3078 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 3079 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3080 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3081 }, 3082 }, 3083 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3084 "a_key": "A String", 3085 }, 3086 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 3087 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3088 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3089 }, 3090 }, 3091 }, 3092 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 3093 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 3094 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 3095 "add": [ # Added capabilities +optional 3096 "A String", 3097 ], 3098 "drop": [ # Removed capabilities +optional 3099 "A String", 3100 ], 3101 }, 3102 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 3103 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 3104 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3105 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3106 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3107 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3108 "level": "A String", # Level is SELinux level label that applies to the container. +optional 3109 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 3110 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 3111 "user": "A String", # User is a SELinux user label that applies to the container. +optional 3112 }, 3113 }, 3114 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 3115 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 3116 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 3117 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 3118 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 3119 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 3120 { # volumeDevice describes a mapping of a raw block device within a container. 3121 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 3122 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 3123 }, 3124 ], 3125 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 3126 { # VolumeMount describes a mounting of a Volume within a container. 3127 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 3128 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 3129 "name": "A String", # This must match the Name of a Volume. 3130 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 3131 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 3132 }, 3133 ], 3134 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 3135 }, 3136 ], 3137 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 3138 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 3139 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 3140 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 3141 "volumes": [ 3142 { # Volume represents a named volume in a container. 3143 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 3144 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3145 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3146 { # Maps a string key to a path within a volume. 3147 "key": "A String", # The key to project. 3148 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3149 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3150 }, 3151 ], 3152 "name": "A String", # Name of the config. 3153 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3154 }, 3155 "name": "A String", # Volume's name. 3156 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 3157 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3158 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3159 { # Maps a string key to a path within a volume. 3160 "key": "A String", # The key to project. 3161 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3162 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3163 }, 3164 ], 3165 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3166 "secretName": "A String", # Name of the secret in the container's namespace to use. 3167 }, 3168 }, 3169 ], 3170 }, 3171 }, 3172 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 3173 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 3174 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 3175 "a_key": "A String", 3176 }, 3177 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 3178 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3179 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 3180 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3181 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 3182 "A String", 3183 ], 3184 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 3185 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 3186 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 3187 "a_key": "A String", 3188 }, 3189 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 3190 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 3191 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 3192 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 3193 "apiVersion": "A String", # API version of the referent. 3194 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 3195 "controller": True or False, # If true, this reference points to the managing controller. +optional 3196 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3197 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 3198 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 3199 }, 3200 ], 3201 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 3202 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 3203 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 3204 }, 3205 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 3206 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 3207 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 3208 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3209 "A String", 3210 ], 3211 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3212 "A String", 3213 ], 3214 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 3215 { # EnvVar represents an environment variable present in a Container. 3216 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 3217 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 3218 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 3219 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 3220 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 3221 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3222 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3223 }, 3224 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 3225 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 3226 }, 3227 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 3228 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 3229 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3230 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3231 }, 3232 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 3233 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 3234 }, 3235 }, 3236 }, 3237 ], 3238 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 3239 { # EnvFromSource represents the source of a set of ConfigMaps 3240 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 3241 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3242 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3243 }, 3244 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 3245 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 3246 }, 3247 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 3248 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 3249 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3250 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3251 }, 3252 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 3253 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 3254 }, 3255 }, 3256 ], 3257 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3258 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 3259 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 3260 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3261 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3262 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3263 "A String", 3264 ], 3265 }, 3266 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3267 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3268 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3269 { # HTTPHeader describes a custom header to be used in HTTP probes 3270 "name": "A String", # The header field name 3271 "value": "A String", # The header field value 3272 }, 3273 ], 3274 "path": "A String", # Path to access on the HTTP server. +optional 3275 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3276 "intVal": 42, # The int value. 3277 "strVal": "A String", # The string value. 3278 "type": 42, # The type of the value. 3279 }, 3280 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3281 }, 3282 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3283 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3284 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3285 "intVal": 42, # The int value. 3286 "strVal": "A String", # The string value. 3287 "type": 42, # The type of the value. 3288 }, 3289 }, 3290 }, 3291 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3292 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3293 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3294 "A String", 3295 ], 3296 }, 3297 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3298 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3299 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3300 { # HTTPHeader describes a custom header to be used in HTTP probes 3301 "name": "A String", # The header field name 3302 "value": "A String", # The header field value 3303 }, 3304 ], 3305 "path": "A String", # Path to access on the HTTP server. +optional 3306 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3307 "intVal": 42, # The int value. 3308 "strVal": "A String", # The string value. 3309 "type": 42, # The type of the value. 3310 }, 3311 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3312 }, 3313 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3314 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3315 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3316 "intVal": 42, # The int value. 3317 "strVal": "A String", # The string value. 3318 "type": 42, # The type of the value. 3319 }, 3320 }, 3321 }, 3322 }, 3323 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3324 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3325 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3326 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3327 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3328 "A String", 3329 ], 3330 }, 3331 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3332 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3333 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3334 { # HTTPHeader describes a custom header to be used in HTTP probes 3335 "name": "A String", # The header field name 3336 "value": "A String", # The header field value 3337 }, 3338 ], 3339 "path": "A String", # Path to access on the HTTP server. +optional 3340 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3341 "intVal": 42, # The int value. 3342 "strVal": "A String", # The string value. 3343 "type": 42, # The type of the value. 3344 }, 3345 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3346 }, 3347 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3348 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3349 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3350 "intVal": 42, # The int value. 3351 "strVal": "A String", # The string value. 3352 "type": 42, # The type of the value. 3353 }, 3354 }, 3355 }, 3356 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3357 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3358 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3359 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3360 }, 3361 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3362 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3363 { # ContainerPort represents a network port in a single container. 3364 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3365 "hostIP": "A String", # What host IP to bind the external port to. +optional 3366 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3367 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3368 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3369 }, 3370 ], 3371 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3372 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3373 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3374 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3375 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3376 "A String", 3377 ], 3378 }, 3379 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3380 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3381 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3382 { # HTTPHeader describes a custom header to be used in HTTP probes 3383 "name": "A String", # The header field name 3384 "value": "A String", # The header field value 3385 }, 3386 ], 3387 "path": "A String", # Path to access on the HTTP server. +optional 3388 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3389 "intVal": 42, # The int value. 3390 "strVal": "A String", # The string value. 3391 "type": 42, # The type of the value. 3392 }, 3393 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3394 }, 3395 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3396 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3397 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3398 "intVal": 42, # The int value. 3399 "strVal": "A String", # The string value. 3400 "type": 42, # The type of the value. 3401 }, 3402 }, 3403 }, 3404 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3405 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3406 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3407 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3408 }, 3409 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 3410 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3411 "a_key": "A String", 3412 }, 3413 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 3414 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3415 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3416 }, 3417 }, 3418 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3419 "a_key": "A String", 3420 }, 3421 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 3422 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3423 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3424 }, 3425 }, 3426 }, 3427 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 3428 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 3429 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 3430 "add": [ # Added capabilities +optional 3431 "A String", 3432 ], 3433 "drop": [ # Removed capabilities +optional 3434 "A String", 3435 ], 3436 }, 3437 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 3438 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 3439 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3440 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3441 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3442 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3443 "level": "A String", # Level is SELinux level label that applies to the container. +optional 3444 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 3445 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 3446 "user": "A String", # User is a SELinux user label that applies to the container. +optional 3447 }, 3448 }, 3449 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 3450 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 3451 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 3452 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 3453 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 3454 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 3455 { # volumeDevice describes a mapping of a raw block device within a container. 3456 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 3457 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 3458 }, 3459 ], 3460 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 3461 { # VolumeMount describes a mounting of a Volume within a container. 3462 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 3463 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 3464 "name": "A String", # This must match the Name of a Volume. 3465 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 3466 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 3467 }, 3468 ], 3469 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 3470 }, 3471 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 3472 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 3473 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 3474 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3475 "A String", 3476 ], 3477 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3478 "A String", 3479 ], 3480 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 3481 { # EnvVar represents an environment variable present in a Container. 3482 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 3483 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 3484 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 3485 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 3486 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 3487 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3488 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3489 }, 3490 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 3491 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 3492 }, 3493 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 3494 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 3495 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3496 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3497 }, 3498 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 3499 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 3500 }, 3501 }, 3502 }, 3503 ], 3504 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 3505 { # EnvFromSource represents the source of a set of ConfigMaps 3506 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 3507 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3508 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3509 }, 3510 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 3511 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 3512 }, 3513 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 3514 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 3515 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3516 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3517 }, 3518 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 3519 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 3520 }, 3521 }, 3522 ], 3523 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3524 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 3525 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 3526 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3527 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3528 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3529 "A String", 3530 ], 3531 }, 3532 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3533 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3534 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3535 { # HTTPHeader describes a custom header to be used in HTTP probes 3536 "name": "A String", # The header field name 3537 "value": "A String", # The header field value 3538 }, 3539 ], 3540 "path": "A String", # Path to access on the HTTP server. +optional 3541 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3542 "intVal": 42, # The int value. 3543 "strVal": "A String", # The string value. 3544 "type": 42, # The type of the value. 3545 }, 3546 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3547 }, 3548 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3549 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3550 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3551 "intVal": 42, # The int value. 3552 "strVal": "A String", # The string value. 3553 "type": 42, # The type of the value. 3554 }, 3555 }, 3556 }, 3557 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3558 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3559 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3560 "A String", 3561 ], 3562 }, 3563 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3564 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3565 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3566 { # HTTPHeader describes a custom header to be used in HTTP probes 3567 "name": "A String", # The header field name 3568 "value": "A String", # The header field value 3569 }, 3570 ], 3571 "path": "A String", # Path to access on the HTTP server. +optional 3572 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3573 "intVal": 42, # The int value. 3574 "strVal": "A String", # The string value. 3575 "type": 42, # The type of the value. 3576 }, 3577 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3578 }, 3579 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3580 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3581 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3582 "intVal": 42, # The int value. 3583 "strVal": "A String", # The string value. 3584 "type": 42, # The type of the value. 3585 }, 3586 }, 3587 }, 3588 }, 3589 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3590 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3591 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3592 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3593 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3594 "A String", 3595 ], 3596 }, 3597 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3598 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3599 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3600 { # HTTPHeader describes a custom header to be used in HTTP probes 3601 "name": "A String", # The header field name 3602 "value": "A String", # The header field value 3603 }, 3604 ], 3605 "path": "A String", # Path to access on the HTTP server. +optional 3606 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3607 "intVal": 42, # The int value. 3608 "strVal": "A String", # The string value. 3609 "type": 42, # The type of the value. 3610 }, 3611 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3612 }, 3613 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3614 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3615 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3616 "intVal": 42, # The int value. 3617 "strVal": "A String", # The string value. 3618 "type": 42, # The type of the value. 3619 }, 3620 }, 3621 }, 3622 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3623 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3624 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3625 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3626 }, 3627 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3628 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3629 { # ContainerPort represents a network port in a single container. 3630 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3631 "hostIP": "A String", # What host IP to bind the external port to. +optional 3632 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3633 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3634 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3635 }, 3636 ], 3637 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3638 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3639 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3640 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3641 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3642 "A String", 3643 ], 3644 }, 3645 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3646 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3647 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3648 { # HTTPHeader describes a custom header to be used in HTTP probes 3649 "name": "A String", # The header field name 3650 "value": "A String", # The header field value 3651 }, 3652 ], 3653 "path": "A String", # Path to access on the HTTP server. +optional 3654 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3655 "intVal": 42, # The int value. 3656 "strVal": "A String", # The string value. 3657 "type": 42, # The type of the value. 3658 }, 3659 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3660 }, 3661 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3662 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3663 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3664 "intVal": 42, # The int value. 3665 "strVal": "A String", # The string value. 3666 "type": 42, # The type of the value. 3667 }, 3668 }, 3669 }, 3670 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3671 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3672 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3673 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3674 }, 3675 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 3676 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3677 "a_key": "A String", 3678 }, 3679 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 3680 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3681 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3682 }, 3683 }, 3684 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3685 "a_key": "A String", 3686 }, 3687 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 3688 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3689 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3690 }, 3691 }, 3692 }, 3693 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 3694 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 3695 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 3696 "add": [ # Added capabilities +optional 3697 "A String", 3698 ], 3699 "drop": [ # Removed capabilities +optional 3700 "A String", 3701 ], 3702 }, 3703 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 3704 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 3705 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3706 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3707 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3708 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3709 "level": "A String", # Level is SELinux level label that applies to the container. +optional 3710 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 3711 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 3712 "user": "A String", # User is a SELinux user label that applies to the container. +optional 3713 }, 3714 }, 3715 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 3716 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 3717 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 3718 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 3719 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 3720 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 3721 { # volumeDevice describes a mapping of a raw block device within a container. 3722 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 3723 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 3724 }, 3725 ], 3726 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 3727 { # VolumeMount describes a mounting of a Volume within a container. 3728 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 3729 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 3730 "name": "A String", # This must match the Name of a Volume. 3731 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 3732 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 3733 }, 3734 ], 3735 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 3736 }, 3737 ], 3738 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 3739 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 3740 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 3741 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 3742 "volumes": [ 3743 { # Volume represents a named volume in a container. 3744 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 3745 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3746 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3747 { # Maps a string key to a path within a volume. 3748 "key": "A String", # The key to project. 3749 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3750 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3751 }, 3752 ], 3753 "name": "A String", # Name of the config. 3754 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3755 }, 3756 "name": "A String", # Volume's name. 3757 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 3758 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3759 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3760 { # Maps a string key to a path within a volume. 3761 "key": "A String", # The key to project. 3762 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3763 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3764 }, 3765 ], 3766 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3767 "secretName": "A String", # Name of the secret in the container's namespace to use. 3768 }, 3769 }, 3770 ], 3771 }, 3772 }, 3773 }, 3774 }, 3775 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 3776 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 3777 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 3778 "a_key": "A String", 3779 }, 3780 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 3781 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3782 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 3783 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3784 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 3785 "A String", 3786 ], 3787 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 3788 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 3789 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 3790 "a_key": "A String", 3791 }, 3792 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 3793 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 3794 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 3795 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 3796 "apiVersion": "A String", # API version of the referent. 3797 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 3798 "controller": True or False, # If true, this reference points to the managing controller. +optional 3799 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3800 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 3801 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 3802 }, 3803 ], 3804 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 3805 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 3806 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 3807 }, 3808 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 3809 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 3810 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 3811 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3812 "A String", 3813 ], 3814 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3815 "A String", 3816 ], 3817 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 3818 { # EnvVar represents an environment variable present in a Container. 3819 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 3820 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 3821 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 3822 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 3823 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 3824 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3825 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3826 }, 3827 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 3828 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 3829 }, 3830 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 3831 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 3832 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3833 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3834 }, 3835 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 3836 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 3837 }, 3838 }, 3839 }, 3840 ], 3841 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 3842 { # EnvFromSource represents the source of a set of ConfigMaps 3843 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 3844 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3845 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3846 }, 3847 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 3848 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 3849 }, 3850 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 3851 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 3852 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3853 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3854 }, 3855 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 3856 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 3857 }, 3858 }, 3859 ], 3860 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3861 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 3862 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 3863 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3864 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3865 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3866 "A String", 3867 ], 3868 }, 3869 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3870 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3871 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3872 { # HTTPHeader describes a custom header to be used in HTTP probes 3873 "name": "A String", # The header field name 3874 "value": "A String", # The header field value 3875 }, 3876 ], 3877 "path": "A String", # Path to access on the HTTP server. +optional 3878 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3879 "intVal": 42, # The int value. 3880 "strVal": "A String", # The string value. 3881 "type": 42, # The type of the value. 3882 }, 3883 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3884 }, 3885 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3886 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3887 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3888 "intVal": 42, # The int value. 3889 "strVal": "A String", # The string value. 3890 "type": 42, # The type of the value. 3891 }, 3892 }, 3893 }, 3894 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3895 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3896 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3897 "A String", 3898 ], 3899 }, 3900 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3901 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3902 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3903 { # HTTPHeader describes a custom header to be used in HTTP probes 3904 "name": "A String", # The header field name 3905 "value": "A String", # The header field value 3906 }, 3907 ], 3908 "path": "A String", # Path to access on the HTTP server. +optional 3909 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3910 "intVal": 42, # The int value. 3911 "strVal": "A String", # The string value. 3912 "type": 42, # The type of the value. 3913 }, 3914 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3915 }, 3916 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3917 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3918 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3919 "intVal": 42, # The int value. 3920 "strVal": "A String", # The string value. 3921 "type": 42, # The type of the value. 3922 }, 3923 }, 3924 }, 3925 }, 3926 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3927 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3928 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3929 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3930 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3931 "A String", 3932 ], 3933 }, 3934 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3935 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3936 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3937 { # HTTPHeader describes a custom header to be used in HTTP probes 3938 "name": "A String", # The header field name 3939 "value": "A String", # The header field value 3940 }, 3941 ], 3942 "path": "A String", # Path to access on the HTTP server. +optional 3943 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3944 "intVal": 42, # The int value. 3945 "strVal": "A String", # The string value. 3946 "type": 42, # The type of the value. 3947 }, 3948 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3949 }, 3950 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3951 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3952 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3953 "intVal": 42, # The int value. 3954 "strVal": "A String", # The string value. 3955 "type": 42, # The type of the value. 3956 }, 3957 }, 3958 }, 3959 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3960 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3961 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3962 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3963 }, 3964 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3965 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3966 { # ContainerPort represents a network port in a single container. 3967 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3968 "hostIP": "A String", # What host IP to bind the external port to. +optional 3969 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3970 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3971 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3972 }, 3973 ], 3974 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3975 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3976 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3977 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3978 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3979 "A String", 3980 ], 3981 }, 3982 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3983 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3984 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3985 { # HTTPHeader describes a custom header to be used in HTTP probes 3986 "name": "A String", # The header field name 3987 "value": "A String", # The header field value 3988 }, 3989 ], 3990 "path": "A String", # Path to access on the HTTP server. +optional 3991 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3992 "intVal": 42, # The int value. 3993 "strVal": "A String", # The string value. 3994 "type": 42, # The type of the value. 3995 }, 3996 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3997 }, 3998 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3999 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4000 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4001 "intVal": 42, # The int value. 4002 "strVal": "A String", # The string value. 4003 "type": 42, # The type of the value. 4004 }, 4005 }, 4006 }, 4007 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4008 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4009 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4010 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4011 }, 4012 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4013 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4014 "a_key": "A String", 4015 }, 4016 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4017 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4018 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4019 }, 4020 }, 4021 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4022 "a_key": "A String", 4023 }, 4024 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4025 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4026 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4027 }, 4028 }, 4029 }, 4030 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 4031 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 4032 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 4033 "add": [ # Added capabilities +optional 4034 "A String", 4035 ], 4036 "drop": [ # Removed capabilities +optional 4037 "A String", 4038 ], 4039 }, 4040 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 4041 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 4042 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4043 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4044 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4045 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4046 "level": "A String", # Level is SELinux level label that applies to the container. +optional 4047 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 4048 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 4049 "user": "A String", # User is a SELinux user label that applies to the container. +optional 4050 }, 4051 }, 4052 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 4053 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 4054 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 4055 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 4056 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 4057 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 4058 { # volumeDevice describes a mapping of a raw block device within a container. 4059 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 4060 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 4061 }, 4062 ], 4063 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 4064 { # VolumeMount describes a mounting of a Volume within a container. 4065 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 4066 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 4067 "name": "A String", # This must match the Name of a Volume. 4068 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 4069 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 4070 }, 4071 ], 4072 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 4073 }, 4074 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 4075 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 4076 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 4077 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4078 "A String", 4079 ], 4080 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4081 "A String", 4082 ], 4083 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 4084 { # EnvVar represents an environment variable present in a Container. 4085 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 4086 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 4087 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 4088 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 4089 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 4090 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4091 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4092 }, 4093 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 4094 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 4095 }, 4096 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 4097 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 4098 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4099 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4100 }, 4101 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 4102 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 4103 }, 4104 }, 4105 }, 4106 ], 4107 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 4108 { # EnvFromSource represents the source of a set of ConfigMaps 4109 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 4110 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4111 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4112 }, 4113 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 4114 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 4115 }, 4116 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 4117 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 4118 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4119 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4120 }, 4121 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 4122 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 4123 }, 4124 }, 4125 ], 4126 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 4127 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 4128 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 4129 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4130 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4131 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4132 "A String", 4133 ], 4134 }, 4135 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4136 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4137 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4138 { # HTTPHeader describes a custom header to be used in HTTP probes 4139 "name": "A String", # The header field name 4140 "value": "A String", # The header field value 4141 }, 4142 ], 4143 "path": "A String", # Path to access on the HTTP server. +optional 4144 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4145 "intVal": 42, # The int value. 4146 "strVal": "A String", # The string value. 4147 "type": 42, # The type of the value. 4148 }, 4149 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4150 }, 4151 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4152 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4153 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4154 "intVal": 42, # The int value. 4155 "strVal": "A String", # The string value. 4156 "type": 42, # The type of the value. 4157 }, 4158 }, 4159 }, 4160 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4161 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4162 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4163 "A String", 4164 ], 4165 }, 4166 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4167 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4168 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4169 { # HTTPHeader describes a custom header to be used in HTTP probes 4170 "name": "A String", # The header field name 4171 "value": "A String", # The header field value 4172 }, 4173 ], 4174 "path": "A String", # Path to access on the HTTP server. +optional 4175 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4176 "intVal": 42, # The int value. 4177 "strVal": "A String", # The string value. 4178 "type": 42, # The type of the value. 4179 }, 4180 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4181 }, 4182 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4183 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4184 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4185 "intVal": 42, # The int value. 4186 "strVal": "A String", # The string value. 4187 "type": 42, # The type of the value. 4188 }, 4189 }, 4190 }, 4191 }, 4192 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4193 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4194 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4195 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4196 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4197 "A String", 4198 ], 4199 }, 4200 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4201 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4202 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4203 { # HTTPHeader describes a custom header to be used in HTTP probes 4204 "name": "A String", # The header field name 4205 "value": "A String", # The header field value 4206 }, 4207 ], 4208 "path": "A String", # Path to access on the HTTP server. +optional 4209 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4210 "intVal": 42, # The int value. 4211 "strVal": "A String", # The string value. 4212 "type": 42, # The type of the value. 4213 }, 4214 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4215 }, 4216 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4217 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4218 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4219 "intVal": 42, # The int value. 4220 "strVal": "A String", # The string value. 4221 "type": 42, # The type of the value. 4222 }, 4223 }, 4224 }, 4225 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4226 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4227 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4228 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4229 }, 4230 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 4231 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 4232 { # ContainerPort represents a network port in a single container. 4233 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 4234 "hostIP": "A String", # What host IP to bind the external port to. +optional 4235 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 4236 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 4237 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 4238 }, 4239 ], 4240 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4241 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4242 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4243 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4244 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4245 "A String", 4246 ], 4247 }, 4248 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4249 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4250 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4251 { # HTTPHeader describes a custom header to be used in HTTP probes 4252 "name": "A String", # The header field name 4253 "value": "A String", # The header field value 4254 }, 4255 ], 4256 "path": "A String", # Path to access on the HTTP server. +optional 4257 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4258 "intVal": 42, # The int value. 4259 "strVal": "A String", # The string value. 4260 "type": 42, # The type of the value. 4261 }, 4262 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4263 }, 4264 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4265 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4266 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4267 "intVal": 42, # The int value. 4268 "strVal": "A String", # The string value. 4269 "type": 42, # The type of the value. 4270 }, 4271 }, 4272 }, 4273 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4274 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4275 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4276 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4277 }, 4278 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4279 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4280 "a_key": "A String", 4281 }, 4282 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4283 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4284 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4285 }, 4286 }, 4287 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4288 "a_key": "A String", 4289 }, 4290 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4291 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4292 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4293 }, 4294 }, 4295 }, 4296 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 4297 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 4298 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 4299 "add": [ # Added capabilities +optional 4300 "A String", 4301 ], 4302 "drop": [ # Removed capabilities +optional 4303 "A String", 4304 ], 4305 }, 4306 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 4307 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 4308 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4309 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4310 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4311 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4312 "level": "A String", # Level is SELinux level label that applies to the container. +optional 4313 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 4314 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 4315 "user": "A String", # User is a SELinux user label that applies to the container. +optional 4316 }, 4317 }, 4318 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 4319 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 4320 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 4321 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 4322 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 4323 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 4324 { # volumeDevice describes a mapping of a raw block device within a container. 4325 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 4326 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 4327 }, 4328 ], 4329 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 4330 { # VolumeMount describes a mounting of a Volume within a container. 4331 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 4332 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 4333 "name": "A String", # This must match the Name of a Volume. 4334 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 4335 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 4336 }, 4337 ], 4338 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 4339 }, 4340 ], 4341 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 4342 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 4343 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 4344 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 4345 "volumes": [ 4346 { # Volume represents a named volume in a container. 4347 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 4348 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 4349 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 4350 { # Maps a string key to a path within a volume. 4351 "key": "A String", # The key to project. 4352 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 4353 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 4354 }, 4355 ], 4356 "name": "A String", # Name of the config. 4357 "optional": True or False, # Specify whether the Secret or its keys must be defined. 4358 }, 4359 "name": "A String", # Volume's name. 4360 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 4361 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 4362 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 4363 { # Maps a string key to a path within a volume. 4364 "key": "A String", # The key to project. 4365 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 4366 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 4367 }, 4368 ], 4369 "optional": True or False, # Specify whether the Secret or its keys must be defined. 4370 "secretName": "A String", # Name of the secret in the container's namespace to use. 4371 }, 4372 }, 4373 ], 4374 }, 4375 }, 4376 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 4377 { # TrafficTarget holds a single entry of the routing table for a Route. 4378 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 4379 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 4380 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 4381 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 4382 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 4383 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 4384 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 4385 }, 4386 ], 4387 }, 4388 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 4389 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 4390 "hostname": "A String", # Deprecated - use url instead. 4391 "url": "A String", 4392 }, 4393 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 4394 { # ServiceCondition defines a readiness condition for a Service. 4395 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 4396 "message": "A String", # Human-readable message indicating details about last transition. +optional 4397 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 4398 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 4399 "status": "A String", # Status of the condition, one of True, False, Unknown. 4400 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 4401 }, 4402 ], 4403 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 4404 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 4405 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 4406 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 4407 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 4408 { # TrafficTarget holds a single entry of the routing table for a Route. 4409 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 4410 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 4411 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 4412 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 4413 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 4414 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 4415 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 4416 }, 4417 ], 4418 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 4419 }, 4420} 4421 4422 x__xgafv: string, V1 error format. 4423 Allowed values 4424 1 - v1 error format 4425 2 - v2 error format 4426 4427Returns: 4428 An object of the form: 4429 4430 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 4431 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 4432 "kind": "A String", # The kind of resource, in this case "Service". 4433 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 4434 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 4435 "a_key": "A String", 4436 }, 4437 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 4438 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4439 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 4440 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4441 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 4442 "A String", 4443 ], 4444 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 4445 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 4446 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 4447 "a_key": "A String", 4448 }, 4449 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 4450 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 4451 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 4452 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 4453 "apiVersion": "A String", # API version of the referent. 4454 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 4455 "controller": True or False, # If true, this reference points to the managing controller. +optional 4456 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4457 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 4458 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 4459 }, 4460 ], 4461 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 4462 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 4463 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 4464 }, 4465 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 4466 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 4467 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 4468 }, 4469 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 4470 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 4471 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 4472 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 4473 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 4474 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 4475 "a_key": "A String", 4476 }, 4477 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 4478 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4479 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 4480 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4481 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 4482 "A String", 4483 ], 4484 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 4485 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 4486 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 4487 "a_key": "A String", 4488 }, 4489 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 4490 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 4491 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 4492 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 4493 "apiVersion": "A String", # API version of the referent. 4494 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 4495 "controller": True or False, # If true, this reference points to the managing controller. +optional 4496 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4497 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 4498 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 4499 }, 4500 ], 4501 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 4502 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 4503 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 4504 }, 4505 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 4506 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 4507 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 4508 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4509 "A String", 4510 ], 4511 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4512 "A String", 4513 ], 4514 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 4515 { # EnvVar represents an environment variable present in a Container. 4516 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 4517 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 4518 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 4519 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 4520 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 4521 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4522 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4523 }, 4524 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 4525 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 4526 }, 4527 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 4528 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 4529 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4530 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4531 }, 4532 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 4533 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 4534 }, 4535 }, 4536 }, 4537 ], 4538 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 4539 { # EnvFromSource represents the source of a set of ConfigMaps 4540 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 4541 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4542 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4543 }, 4544 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 4545 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 4546 }, 4547 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 4548 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 4549 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4550 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4551 }, 4552 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 4553 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 4554 }, 4555 }, 4556 ], 4557 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 4558 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 4559 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 4560 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4561 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4562 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4563 "A String", 4564 ], 4565 }, 4566 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4567 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4568 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4569 { # HTTPHeader describes a custom header to be used in HTTP probes 4570 "name": "A String", # The header field name 4571 "value": "A String", # The header field value 4572 }, 4573 ], 4574 "path": "A String", # Path to access on the HTTP server. +optional 4575 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4576 "intVal": 42, # The int value. 4577 "strVal": "A String", # The string value. 4578 "type": 42, # The type of the value. 4579 }, 4580 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4581 }, 4582 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4583 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4584 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4585 "intVal": 42, # The int value. 4586 "strVal": "A String", # The string value. 4587 "type": 42, # The type of the value. 4588 }, 4589 }, 4590 }, 4591 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4592 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4593 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4594 "A String", 4595 ], 4596 }, 4597 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4598 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4599 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4600 { # HTTPHeader describes a custom header to be used in HTTP probes 4601 "name": "A String", # The header field name 4602 "value": "A String", # The header field value 4603 }, 4604 ], 4605 "path": "A String", # Path to access on the HTTP server. +optional 4606 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4607 "intVal": 42, # The int value. 4608 "strVal": "A String", # The string value. 4609 "type": 42, # The type of the value. 4610 }, 4611 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4612 }, 4613 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4614 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4615 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4616 "intVal": 42, # The int value. 4617 "strVal": "A String", # The string value. 4618 "type": 42, # The type of the value. 4619 }, 4620 }, 4621 }, 4622 }, 4623 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4624 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4625 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4626 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4627 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4628 "A String", 4629 ], 4630 }, 4631 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4632 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4633 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4634 { # HTTPHeader describes a custom header to be used in HTTP probes 4635 "name": "A String", # The header field name 4636 "value": "A String", # The header field value 4637 }, 4638 ], 4639 "path": "A String", # Path to access on the HTTP server. +optional 4640 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4641 "intVal": 42, # The int value. 4642 "strVal": "A String", # The string value. 4643 "type": 42, # The type of the value. 4644 }, 4645 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4646 }, 4647 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4648 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4649 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4650 "intVal": 42, # The int value. 4651 "strVal": "A String", # The string value. 4652 "type": 42, # The type of the value. 4653 }, 4654 }, 4655 }, 4656 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4657 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4658 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4659 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4660 }, 4661 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 4662 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 4663 { # ContainerPort represents a network port in a single container. 4664 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 4665 "hostIP": "A String", # What host IP to bind the external port to. +optional 4666 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 4667 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 4668 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 4669 }, 4670 ], 4671 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4672 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4673 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4674 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4675 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4676 "A String", 4677 ], 4678 }, 4679 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4680 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4681 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4682 { # HTTPHeader describes a custom header to be used in HTTP probes 4683 "name": "A String", # The header field name 4684 "value": "A String", # The header field value 4685 }, 4686 ], 4687 "path": "A String", # Path to access on the HTTP server. +optional 4688 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4689 "intVal": 42, # The int value. 4690 "strVal": "A String", # The string value. 4691 "type": 42, # The type of the value. 4692 }, 4693 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4694 }, 4695 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4696 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4697 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4698 "intVal": 42, # The int value. 4699 "strVal": "A String", # The string value. 4700 "type": 42, # The type of the value. 4701 }, 4702 }, 4703 }, 4704 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4705 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4706 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4707 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4708 }, 4709 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4710 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4711 "a_key": "A String", 4712 }, 4713 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4714 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4715 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4716 }, 4717 }, 4718 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4719 "a_key": "A String", 4720 }, 4721 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4722 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4723 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4724 }, 4725 }, 4726 }, 4727 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 4728 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 4729 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 4730 "add": [ # Added capabilities +optional 4731 "A String", 4732 ], 4733 "drop": [ # Removed capabilities +optional 4734 "A String", 4735 ], 4736 }, 4737 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 4738 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 4739 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4740 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4741 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4742 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4743 "level": "A String", # Level is SELinux level label that applies to the container. +optional 4744 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 4745 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 4746 "user": "A String", # User is a SELinux user label that applies to the container. +optional 4747 }, 4748 }, 4749 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 4750 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 4751 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 4752 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 4753 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 4754 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 4755 { # volumeDevice describes a mapping of a raw block device within a container. 4756 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 4757 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 4758 }, 4759 ], 4760 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 4761 { # VolumeMount describes a mounting of a Volume within a container. 4762 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 4763 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 4764 "name": "A String", # This must match the Name of a Volume. 4765 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 4766 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 4767 }, 4768 ], 4769 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 4770 }, 4771 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 4772 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 4773 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 4774 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4775 "A String", 4776 ], 4777 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4778 "A String", 4779 ], 4780 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 4781 { # EnvVar represents an environment variable present in a Container. 4782 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 4783 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 4784 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 4785 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 4786 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 4787 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4788 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4789 }, 4790 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 4791 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 4792 }, 4793 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 4794 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 4795 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4796 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4797 }, 4798 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 4799 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 4800 }, 4801 }, 4802 }, 4803 ], 4804 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 4805 { # EnvFromSource represents the source of a set of ConfigMaps 4806 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 4807 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4808 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4809 }, 4810 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 4811 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 4812 }, 4813 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 4814 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 4815 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4816 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4817 }, 4818 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 4819 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 4820 }, 4821 }, 4822 ], 4823 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 4824 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 4825 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 4826 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4827 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4828 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4829 "A String", 4830 ], 4831 }, 4832 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4833 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4834 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4835 { # HTTPHeader describes a custom header to be used in HTTP probes 4836 "name": "A String", # The header field name 4837 "value": "A String", # The header field value 4838 }, 4839 ], 4840 "path": "A String", # Path to access on the HTTP server. +optional 4841 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4842 "intVal": 42, # The int value. 4843 "strVal": "A String", # The string value. 4844 "type": 42, # The type of the value. 4845 }, 4846 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4847 }, 4848 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4849 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4850 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4851 "intVal": 42, # The int value. 4852 "strVal": "A String", # The string value. 4853 "type": 42, # The type of the value. 4854 }, 4855 }, 4856 }, 4857 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4858 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4859 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4860 "A String", 4861 ], 4862 }, 4863 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4864 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4865 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4866 { # HTTPHeader describes a custom header to be used in HTTP probes 4867 "name": "A String", # The header field name 4868 "value": "A String", # The header field value 4869 }, 4870 ], 4871 "path": "A String", # Path to access on the HTTP server. +optional 4872 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4873 "intVal": 42, # The int value. 4874 "strVal": "A String", # The string value. 4875 "type": 42, # The type of the value. 4876 }, 4877 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4878 }, 4879 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4880 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4881 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4882 "intVal": 42, # The int value. 4883 "strVal": "A String", # The string value. 4884 "type": 42, # The type of the value. 4885 }, 4886 }, 4887 }, 4888 }, 4889 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4890 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4891 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4892 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4893 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4894 "A String", 4895 ], 4896 }, 4897 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4898 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4899 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4900 { # HTTPHeader describes a custom header to be used in HTTP probes 4901 "name": "A String", # The header field name 4902 "value": "A String", # The header field value 4903 }, 4904 ], 4905 "path": "A String", # Path to access on the HTTP server. +optional 4906 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4907 "intVal": 42, # The int value. 4908 "strVal": "A String", # The string value. 4909 "type": 42, # The type of the value. 4910 }, 4911 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4912 }, 4913 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4914 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4915 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4916 "intVal": 42, # The int value. 4917 "strVal": "A String", # The string value. 4918 "type": 42, # The type of the value. 4919 }, 4920 }, 4921 }, 4922 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4923 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4924 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4925 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4926 }, 4927 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 4928 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 4929 { # ContainerPort represents a network port in a single container. 4930 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 4931 "hostIP": "A String", # What host IP to bind the external port to. +optional 4932 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 4933 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 4934 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 4935 }, 4936 ], 4937 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4938 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4939 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4940 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4941 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4942 "A String", 4943 ], 4944 }, 4945 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4946 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4947 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4948 { # HTTPHeader describes a custom header to be used in HTTP probes 4949 "name": "A String", # The header field name 4950 "value": "A String", # The header field value 4951 }, 4952 ], 4953 "path": "A String", # Path to access on the HTTP server. +optional 4954 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4955 "intVal": 42, # The int value. 4956 "strVal": "A String", # The string value. 4957 "type": 42, # The type of the value. 4958 }, 4959 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4960 }, 4961 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4962 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4963 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4964 "intVal": 42, # The int value. 4965 "strVal": "A String", # The string value. 4966 "type": 42, # The type of the value. 4967 }, 4968 }, 4969 }, 4970 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4971 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4972 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4973 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4974 }, 4975 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4976 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4977 "a_key": "A String", 4978 }, 4979 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4980 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4981 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4982 }, 4983 }, 4984 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4985 "a_key": "A String", 4986 }, 4987 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4988 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4989 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4990 }, 4991 }, 4992 }, 4993 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 4994 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 4995 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 4996 "add": [ # Added capabilities +optional 4997 "A String", 4998 ], 4999 "drop": [ # Removed capabilities +optional 5000 "A String", 5001 ], 5002 }, 5003 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5004 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5005 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5006 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5007 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5008 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5009 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5010 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5011 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5012 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5013 }, 5014 }, 5015 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5016 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5017 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5018 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5019 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5020 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5021 { # volumeDevice describes a mapping of a raw block device within a container. 5022 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5023 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5024 }, 5025 ], 5026 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5027 { # VolumeMount describes a mounting of a Volume within a container. 5028 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5029 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5030 "name": "A String", # This must match the Name of a Volume. 5031 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5032 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5033 }, 5034 ], 5035 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5036 }, 5037 ], 5038 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 5039 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 5040 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 5041 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 5042 "volumes": [ 5043 { # Volume represents a named volume in a container. 5044 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 5045 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5046 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5047 { # Maps a string key to a path within a volume. 5048 "key": "A String", # The key to project. 5049 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5050 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5051 }, 5052 ], 5053 "name": "A String", # Name of the config. 5054 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5055 }, 5056 "name": "A String", # Volume's name. 5057 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 5058 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5059 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5060 { # Maps a string key to a path within a volume. 5061 "key": "A String", # The key to project. 5062 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5063 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5064 }, 5065 ], 5066 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5067 "secretName": "A String", # Name of the secret in the container's namespace to use. 5068 }, 5069 }, 5070 ], 5071 }, 5072 }, 5073 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 5074 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 5075 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 5076 "a_key": "A String", 5077 }, 5078 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 5079 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5080 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 5081 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5082 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 5083 "A String", 5084 ], 5085 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 5086 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 5087 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 5088 "a_key": "A String", 5089 }, 5090 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 5091 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 5092 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 5093 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 5094 "apiVersion": "A String", # API version of the referent. 5095 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 5096 "controller": True or False, # If true, this reference points to the managing controller. +optional 5097 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5098 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 5099 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 5100 }, 5101 ], 5102 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 5103 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 5104 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 5105 }, 5106 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 5107 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 5108 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 5109 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5110 "A String", 5111 ], 5112 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5113 "A String", 5114 ], 5115 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5116 { # EnvVar represents an environment variable present in a Container. 5117 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 5118 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 5119 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 5120 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 5121 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 5122 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5123 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5124 }, 5125 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 5126 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 5127 }, 5128 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 5129 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 5130 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5131 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5132 }, 5133 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 5134 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 5135 }, 5136 }, 5137 }, 5138 ], 5139 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 5140 { # EnvFromSource represents the source of a set of ConfigMaps 5141 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 5142 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5143 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5144 }, 5145 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 5146 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 5147 }, 5148 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 5149 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 5150 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5151 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5152 }, 5153 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 5154 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 5155 }, 5156 }, 5157 ], 5158 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5159 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 5160 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 5161 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5162 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5163 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5164 "A String", 5165 ], 5166 }, 5167 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5168 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5169 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5170 { # HTTPHeader describes a custom header to be used in HTTP probes 5171 "name": "A String", # The header field name 5172 "value": "A String", # The header field value 5173 }, 5174 ], 5175 "path": "A String", # Path to access on the HTTP server. +optional 5176 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5177 "intVal": 42, # The int value. 5178 "strVal": "A String", # The string value. 5179 "type": 42, # The type of the value. 5180 }, 5181 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5182 }, 5183 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5184 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5185 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5186 "intVal": 42, # The int value. 5187 "strVal": "A String", # The string value. 5188 "type": 42, # The type of the value. 5189 }, 5190 }, 5191 }, 5192 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5193 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5194 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5195 "A String", 5196 ], 5197 }, 5198 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5199 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5200 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5201 { # HTTPHeader describes a custom header to be used in HTTP probes 5202 "name": "A String", # The header field name 5203 "value": "A String", # The header field value 5204 }, 5205 ], 5206 "path": "A String", # Path to access on the HTTP server. +optional 5207 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5208 "intVal": 42, # The int value. 5209 "strVal": "A String", # The string value. 5210 "type": 42, # The type of the value. 5211 }, 5212 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5213 }, 5214 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5215 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5216 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5217 "intVal": 42, # The int value. 5218 "strVal": "A String", # The string value. 5219 "type": 42, # The type of the value. 5220 }, 5221 }, 5222 }, 5223 }, 5224 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5225 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5226 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5227 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5228 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5229 "A String", 5230 ], 5231 }, 5232 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5233 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5234 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5235 { # HTTPHeader describes a custom header to be used in HTTP probes 5236 "name": "A String", # The header field name 5237 "value": "A String", # The header field value 5238 }, 5239 ], 5240 "path": "A String", # Path to access on the HTTP server. +optional 5241 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5242 "intVal": 42, # The int value. 5243 "strVal": "A String", # The string value. 5244 "type": 42, # The type of the value. 5245 }, 5246 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5247 }, 5248 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5249 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5250 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5251 "intVal": 42, # The int value. 5252 "strVal": "A String", # The string value. 5253 "type": 42, # The type of the value. 5254 }, 5255 }, 5256 }, 5257 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5258 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5259 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5260 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5261 }, 5262 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 5263 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 5264 { # ContainerPort represents a network port in a single container. 5265 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 5266 "hostIP": "A String", # What host IP to bind the external port to. +optional 5267 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 5268 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 5269 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 5270 }, 5271 ], 5272 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5273 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5274 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5275 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5276 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5277 "A String", 5278 ], 5279 }, 5280 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5281 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5282 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5283 { # HTTPHeader describes a custom header to be used in HTTP probes 5284 "name": "A String", # The header field name 5285 "value": "A String", # The header field value 5286 }, 5287 ], 5288 "path": "A String", # Path to access on the HTTP server. +optional 5289 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5290 "intVal": 42, # The int value. 5291 "strVal": "A String", # The string value. 5292 "type": 42, # The type of the value. 5293 }, 5294 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5295 }, 5296 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5297 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5298 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5299 "intVal": 42, # The int value. 5300 "strVal": "A String", # The string value. 5301 "type": 42, # The type of the value. 5302 }, 5303 }, 5304 }, 5305 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5306 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5307 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5308 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5309 }, 5310 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 5311 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5312 "a_key": "A String", 5313 }, 5314 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 5315 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5316 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5317 }, 5318 }, 5319 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5320 "a_key": "A String", 5321 }, 5322 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 5323 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5324 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5325 }, 5326 }, 5327 }, 5328 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 5329 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 5330 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 5331 "add": [ # Added capabilities +optional 5332 "A String", 5333 ], 5334 "drop": [ # Removed capabilities +optional 5335 "A String", 5336 ], 5337 }, 5338 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5339 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5340 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5341 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5342 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5343 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5344 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5345 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5346 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5347 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5348 }, 5349 }, 5350 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5351 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5352 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5353 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5354 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5355 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5356 { # volumeDevice describes a mapping of a raw block device within a container. 5357 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5358 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5359 }, 5360 ], 5361 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5362 { # VolumeMount describes a mounting of a Volume within a container. 5363 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5364 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5365 "name": "A String", # This must match the Name of a Volume. 5366 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5367 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5368 }, 5369 ], 5370 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5371 }, 5372 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 5373 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 5374 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 5375 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5376 "A String", 5377 ], 5378 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5379 "A String", 5380 ], 5381 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5382 { # EnvVar represents an environment variable present in a Container. 5383 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 5384 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 5385 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 5386 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 5387 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 5388 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5389 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5390 }, 5391 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 5392 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 5393 }, 5394 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 5395 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 5396 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5397 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5398 }, 5399 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 5400 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 5401 }, 5402 }, 5403 }, 5404 ], 5405 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 5406 { # EnvFromSource represents the source of a set of ConfigMaps 5407 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 5408 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5409 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5410 }, 5411 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 5412 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 5413 }, 5414 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 5415 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 5416 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5417 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5418 }, 5419 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 5420 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 5421 }, 5422 }, 5423 ], 5424 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5425 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 5426 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 5427 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5428 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5429 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5430 "A String", 5431 ], 5432 }, 5433 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5434 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5435 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5436 { # HTTPHeader describes a custom header to be used in HTTP probes 5437 "name": "A String", # The header field name 5438 "value": "A String", # The header field value 5439 }, 5440 ], 5441 "path": "A String", # Path to access on the HTTP server. +optional 5442 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5443 "intVal": 42, # The int value. 5444 "strVal": "A String", # The string value. 5445 "type": 42, # The type of the value. 5446 }, 5447 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5448 }, 5449 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5450 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5451 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5452 "intVal": 42, # The int value. 5453 "strVal": "A String", # The string value. 5454 "type": 42, # The type of the value. 5455 }, 5456 }, 5457 }, 5458 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5459 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5460 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5461 "A String", 5462 ], 5463 }, 5464 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5465 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5466 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5467 { # HTTPHeader describes a custom header to be used in HTTP probes 5468 "name": "A String", # The header field name 5469 "value": "A String", # The header field value 5470 }, 5471 ], 5472 "path": "A String", # Path to access on the HTTP server. +optional 5473 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5474 "intVal": 42, # The int value. 5475 "strVal": "A String", # The string value. 5476 "type": 42, # The type of the value. 5477 }, 5478 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5479 }, 5480 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5481 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5482 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5483 "intVal": 42, # The int value. 5484 "strVal": "A String", # The string value. 5485 "type": 42, # The type of the value. 5486 }, 5487 }, 5488 }, 5489 }, 5490 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5491 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5492 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5493 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5494 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5495 "A String", 5496 ], 5497 }, 5498 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5499 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5500 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5501 { # HTTPHeader describes a custom header to be used in HTTP probes 5502 "name": "A String", # The header field name 5503 "value": "A String", # The header field value 5504 }, 5505 ], 5506 "path": "A String", # Path to access on the HTTP server. +optional 5507 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5508 "intVal": 42, # The int value. 5509 "strVal": "A String", # The string value. 5510 "type": 42, # The type of the value. 5511 }, 5512 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5513 }, 5514 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5515 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5516 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5517 "intVal": 42, # The int value. 5518 "strVal": "A String", # The string value. 5519 "type": 42, # The type of the value. 5520 }, 5521 }, 5522 }, 5523 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5524 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5525 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5526 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5527 }, 5528 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 5529 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 5530 { # ContainerPort represents a network port in a single container. 5531 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 5532 "hostIP": "A String", # What host IP to bind the external port to. +optional 5533 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 5534 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 5535 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 5536 }, 5537 ], 5538 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5539 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5540 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5541 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5542 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5543 "A String", 5544 ], 5545 }, 5546 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5547 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5548 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5549 { # HTTPHeader describes a custom header to be used in HTTP probes 5550 "name": "A String", # The header field name 5551 "value": "A String", # The header field value 5552 }, 5553 ], 5554 "path": "A String", # Path to access on the HTTP server. +optional 5555 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5556 "intVal": 42, # The int value. 5557 "strVal": "A String", # The string value. 5558 "type": 42, # The type of the value. 5559 }, 5560 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5561 }, 5562 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5563 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5564 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5565 "intVal": 42, # The int value. 5566 "strVal": "A String", # The string value. 5567 "type": 42, # The type of the value. 5568 }, 5569 }, 5570 }, 5571 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5572 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5573 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5574 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5575 }, 5576 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 5577 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5578 "a_key": "A String", 5579 }, 5580 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 5581 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5582 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5583 }, 5584 }, 5585 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5586 "a_key": "A String", 5587 }, 5588 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 5589 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5590 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5591 }, 5592 }, 5593 }, 5594 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 5595 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 5596 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 5597 "add": [ # Added capabilities +optional 5598 "A String", 5599 ], 5600 "drop": [ # Removed capabilities +optional 5601 "A String", 5602 ], 5603 }, 5604 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5605 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5606 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5607 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5608 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5609 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5610 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5611 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5612 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5613 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5614 }, 5615 }, 5616 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5617 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5618 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5619 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5620 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5621 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5622 { # volumeDevice describes a mapping of a raw block device within a container. 5623 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5624 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5625 }, 5626 ], 5627 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5628 { # VolumeMount describes a mounting of a Volume within a container. 5629 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5630 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5631 "name": "A String", # This must match the Name of a Volume. 5632 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5633 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5634 }, 5635 ], 5636 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5637 }, 5638 ], 5639 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 5640 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 5641 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 5642 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 5643 "volumes": [ 5644 { # Volume represents a named volume in a container. 5645 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 5646 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5647 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5648 { # Maps a string key to a path within a volume. 5649 "key": "A String", # The key to project. 5650 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5651 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5652 }, 5653 ], 5654 "name": "A String", # Name of the config. 5655 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5656 }, 5657 "name": "A String", # Volume's name. 5658 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 5659 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5660 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5661 { # Maps a string key to a path within a volume. 5662 "key": "A String", # The key to project. 5663 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5664 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5665 }, 5666 ], 5667 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5668 "secretName": "A String", # Name of the secret in the container's namespace to use. 5669 }, 5670 }, 5671 ], 5672 }, 5673 }, 5674 }, 5675 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 5676 }, 5677 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 5678 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 5679 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 5680 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 5681 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 5682 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 5683 "a_key": "A String", 5684 }, 5685 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 5686 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5687 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 5688 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5689 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 5690 "A String", 5691 ], 5692 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 5693 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 5694 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 5695 "a_key": "A String", 5696 }, 5697 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 5698 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 5699 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 5700 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 5701 "apiVersion": "A String", # API version of the referent. 5702 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 5703 "controller": True or False, # If true, this reference points to the managing controller. +optional 5704 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5705 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 5706 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 5707 }, 5708 ], 5709 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 5710 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 5711 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 5712 }, 5713 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 5714 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 5715 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 5716 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5717 "A String", 5718 ], 5719 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5720 "A String", 5721 ], 5722 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5723 { # EnvVar represents an environment variable present in a Container. 5724 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 5725 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 5726 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 5727 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 5728 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 5729 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5730 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5731 }, 5732 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 5733 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 5734 }, 5735 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 5736 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 5737 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5738 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5739 }, 5740 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 5741 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 5742 }, 5743 }, 5744 }, 5745 ], 5746 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 5747 { # EnvFromSource represents the source of a set of ConfigMaps 5748 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 5749 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5750 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5751 }, 5752 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 5753 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 5754 }, 5755 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 5756 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 5757 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5758 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5759 }, 5760 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 5761 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 5762 }, 5763 }, 5764 ], 5765 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5766 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 5767 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 5768 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5769 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5770 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5771 "A String", 5772 ], 5773 }, 5774 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5775 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5776 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5777 { # HTTPHeader describes a custom header to be used in HTTP probes 5778 "name": "A String", # The header field name 5779 "value": "A String", # The header field value 5780 }, 5781 ], 5782 "path": "A String", # Path to access on the HTTP server. +optional 5783 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5784 "intVal": 42, # The int value. 5785 "strVal": "A String", # The string value. 5786 "type": 42, # The type of the value. 5787 }, 5788 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5789 }, 5790 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5791 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5792 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5793 "intVal": 42, # The int value. 5794 "strVal": "A String", # The string value. 5795 "type": 42, # The type of the value. 5796 }, 5797 }, 5798 }, 5799 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5800 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5801 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5802 "A String", 5803 ], 5804 }, 5805 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5806 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5807 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5808 { # HTTPHeader describes a custom header to be used in HTTP probes 5809 "name": "A String", # The header field name 5810 "value": "A String", # The header field value 5811 }, 5812 ], 5813 "path": "A String", # Path to access on the HTTP server. +optional 5814 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5815 "intVal": 42, # The int value. 5816 "strVal": "A String", # The string value. 5817 "type": 42, # The type of the value. 5818 }, 5819 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5820 }, 5821 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5822 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5823 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5824 "intVal": 42, # The int value. 5825 "strVal": "A String", # The string value. 5826 "type": 42, # The type of the value. 5827 }, 5828 }, 5829 }, 5830 }, 5831 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5832 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5833 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5834 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5835 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5836 "A String", 5837 ], 5838 }, 5839 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5840 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5841 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5842 { # HTTPHeader describes a custom header to be used in HTTP probes 5843 "name": "A String", # The header field name 5844 "value": "A String", # The header field value 5845 }, 5846 ], 5847 "path": "A String", # Path to access on the HTTP server. +optional 5848 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5849 "intVal": 42, # The int value. 5850 "strVal": "A String", # The string value. 5851 "type": 42, # The type of the value. 5852 }, 5853 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5854 }, 5855 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5856 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5857 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5858 "intVal": 42, # The int value. 5859 "strVal": "A String", # The string value. 5860 "type": 42, # The type of the value. 5861 }, 5862 }, 5863 }, 5864 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5865 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5866 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5867 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5868 }, 5869 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 5870 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 5871 { # ContainerPort represents a network port in a single container. 5872 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 5873 "hostIP": "A String", # What host IP to bind the external port to. +optional 5874 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 5875 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 5876 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 5877 }, 5878 ], 5879 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5880 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5881 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5882 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5883 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5884 "A String", 5885 ], 5886 }, 5887 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5888 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5889 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5890 { # HTTPHeader describes a custom header to be used in HTTP probes 5891 "name": "A String", # The header field name 5892 "value": "A String", # The header field value 5893 }, 5894 ], 5895 "path": "A String", # Path to access on the HTTP server. +optional 5896 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5897 "intVal": 42, # The int value. 5898 "strVal": "A String", # The string value. 5899 "type": 42, # The type of the value. 5900 }, 5901 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5902 }, 5903 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5904 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5905 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5906 "intVal": 42, # The int value. 5907 "strVal": "A String", # The string value. 5908 "type": 42, # The type of the value. 5909 }, 5910 }, 5911 }, 5912 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5913 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5914 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5915 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5916 }, 5917 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 5918 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5919 "a_key": "A String", 5920 }, 5921 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 5922 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5923 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5924 }, 5925 }, 5926 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5927 "a_key": "A String", 5928 }, 5929 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 5930 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5931 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5932 }, 5933 }, 5934 }, 5935 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 5936 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 5937 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 5938 "add": [ # Added capabilities +optional 5939 "A String", 5940 ], 5941 "drop": [ # Removed capabilities +optional 5942 "A String", 5943 ], 5944 }, 5945 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5946 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5947 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5948 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5949 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5950 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5951 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5952 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5953 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5954 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5955 }, 5956 }, 5957 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5958 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5959 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5960 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5961 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5962 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5963 { # volumeDevice describes a mapping of a raw block device within a container. 5964 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5965 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5966 }, 5967 ], 5968 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5969 { # VolumeMount describes a mounting of a Volume within a container. 5970 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5971 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5972 "name": "A String", # This must match the Name of a Volume. 5973 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5974 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5975 }, 5976 ], 5977 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5978 }, 5979 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 5980 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 5981 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 5982 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5983 "A String", 5984 ], 5985 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5986 "A String", 5987 ], 5988 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5989 { # EnvVar represents an environment variable present in a Container. 5990 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 5991 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 5992 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 5993 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 5994 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 5995 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5996 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5997 }, 5998 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 5999 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6000 }, 6001 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6002 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6003 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6004 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6005 }, 6006 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6007 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6008 }, 6009 }, 6010 }, 6011 ], 6012 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6013 { # EnvFromSource represents the source of a set of ConfigMaps 6014 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6015 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6016 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6017 }, 6018 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6019 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6020 }, 6021 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6022 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6023 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6024 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6025 }, 6026 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6027 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6028 }, 6029 }, 6030 ], 6031 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6032 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6033 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6034 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6035 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6036 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6037 "A String", 6038 ], 6039 }, 6040 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6041 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6042 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6043 { # HTTPHeader describes a custom header to be used in HTTP probes 6044 "name": "A String", # The header field name 6045 "value": "A String", # The header field value 6046 }, 6047 ], 6048 "path": "A String", # Path to access on the HTTP server. +optional 6049 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6050 "intVal": 42, # The int value. 6051 "strVal": "A String", # The string value. 6052 "type": 42, # The type of the value. 6053 }, 6054 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6055 }, 6056 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6057 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6058 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6059 "intVal": 42, # The int value. 6060 "strVal": "A String", # The string value. 6061 "type": 42, # The type of the value. 6062 }, 6063 }, 6064 }, 6065 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6066 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6067 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6068 "A String", 6069 ], 6070 }, 6071 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6072 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6073 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6074 { # HTTPHeader describes a custom header to be used in HTTP probes 6075 "name": "A String", # The header field name 6076 "value": "A String", # The header field value 6077 }, 6078 ], 6079 "path": "A String", # Path to access on the HTTP server. +optional 6080 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6081 "intVal": 42, # The int value. 6082 "strVal": "A String", # The string value. 6083 "type": 42, # The type of the value. 6084 }, 6085 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6086 }, 6087 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6088 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6089 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6090 "intVal": 42, # The int value. 6091 "strVal": "A String", # The string value. 6092 "type": 42, # The type of the value. 6093 }, 6094 }, 6095 }, 6096 }, 6097 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6098 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6099 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6100 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6101 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6102 "A String", 6103 ], 6104 }, 6105 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6106 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6107 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6108 { # HTTPHeader describes a custom header to be used in HTTP probes 6109 "name": "A String", # The header field name 6110 "value": "A String", # The header field value 6111 }, 6112 ], 6113 "path": "A String", # Path to access on the HTTP server. +optional 6114 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6115 "intVal": 42, # The int value. 6116 "strVal": "A String", # The string value. 6117 "type": 42, # The type of the value. 6118 }, 6119 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6120 }, 6121 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6122 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6123 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6124 "intVal": 42, # The int value. 6125 "strVal": "A String", # The string value. 6126 "type": 42, # The type of the value. 6127 }, 6128 }, 6129 }, 6130 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6131 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6132 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6133 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6134 }, 6135 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 6136 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 6137 { # ContainerPort represents a network port in a single container. 6138 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 6139 "hostIP": "A String", # What host IP to bind the external port to. +optional 6140 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 6141 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 6142 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 6143 }, 6144 ], 6145 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6146 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6147 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6148 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6149 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6150 "A String", 6151 ], 6152 }, 6153 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6154 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6155 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6156 { # HTTPHeader describes a custom header to be used in HTTP probes 6157 "name": "A String", # The header field name 6158 "value": "A String", # The header field value 6159 }, 6160 ], 6161 "path": "A String", # Path to access on the HTTP server. +optional 6162 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6163 "intVal": 42, # The int value. 6164 "strVal": "A String", # The string value. 6165 "type": 42, # The type of the value. 6166 }, 6167 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6168 }, 6169 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6170 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6171 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6172 "intVal": 42, # The int value. 6173 "strVal": "A String", # The string value. 6174 "type": 42, # The type of the value. 6175 }, 6176 }, 6177 }, 6178 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6179 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6180 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6181 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6182 }, 6183 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 6184 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6185 "a_key": "A String", 6186 }, 6187 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 6188 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6189 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6190 }, 6191 }, 6192 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6193 "a_key": "A String", 6194 }, 6195 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 6196 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6197 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6198 }, 6199 }, 6200 }, 6201 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 6202 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 6203 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 6204 "add": [ # Added capabilities +optional 6205 "A String", 6206 ], 6207 "drop": [ # Removed capabilities +optional 6208 "A String", 6209 ], 6210 }, 6211 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 6212 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 6213 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6214 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6215 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6216 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6217 "level": "A String", # Level is SELinux level label that applies to the container. +optional 6218 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 6219 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 6220 "user": "A String", # User is a SELinux user label that applies to the container. +optional 6221 }, 6222 }, 6223 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 6224 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 6225 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 6226 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 6227 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 6228 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 6229 { # volumeDevice describes a mapping of a raw block device within a container. 6230 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 6231 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 6232 }, 6233 ], 6234 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 6235 { # VolumeMount describes a mounting of a Volume within a container. 6236 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 6237 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 6238 "name": "A String", # This must match the Name of a Volume. 6239 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 6240 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 6241 }, 6242 ], 6243 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 6244 }, 6245 ], 6246 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 6247 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 6248 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 6249 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 6250 "volumes": [ 6251 { # Volume represents a named volume in a container. 6252 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 6253 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6254 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6255 { # Maps a string key to a path within a volume. 6256 "key": "A String", # The key to project. 6257 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6258 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6259 }, 6260 ], 6261 "name": "A String", # Name of the config. 6262 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6263 }, 6264 "name": "A String", # Volume's name. 6265 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 6266 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6267 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6268 { # Maps a string key to a path within a volume. 6269 "key": "A String", # The key to project. 6270 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6271 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6272 }, 6273 ], 6274 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6275 "secretName": "A String", # Name of the secret in the container's namespace to use. 6276 }, 6277 }, 6278 ], 6279 }, 6280 }, 6281 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 6282 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 6283 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 6284 "a_key": "A String", 6285 }, 6286 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 6287 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6288 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 6289 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6290 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 6291 "A String", 6292 ], 6293 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 6294 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 6295 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 6296 "a_key": "A String", 6297 }, 6298 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 6299 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 6300 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 6301 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 6302 "apiVersion": "A String", # API version of the referent. 6303 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 6304 "controller": True or False, # If true, this reference points to the managing controller. +optional 6305 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 6306 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 6307 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 6308 }, 6309 ], 6310 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 6311 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 6312 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 6313 }, 6314 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 6315 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 6316 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 6317 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6318 "A String", 6319 ], 6320 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6321 "A String", 6322 ], 6323 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 6324 { # EnvVar represents an environment variable present in a Container. 6325 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 6326 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 6327 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 6328 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 6329 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 6330 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6331 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6332 }, 6333 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 6334 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6335 }, 6336 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6337 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6338 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6339 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6340 }, 6341 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6342 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6343 }, 6344 }, 6345 }, 6346 ], 6347 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6348 { # EnvFromSource represents the source of a set of ConfigMaps 6349 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6350 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6351 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6352 }, 6353 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6354 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6355 }, 6356 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6357 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6358 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6359 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6360 }, 6361 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6362 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6363 }, 6364 }, 6365 ], 6366 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6367 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6368 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6369 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6370 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6371 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6372 "A String", 6373 ], 6374 }, 6375 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6376 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6377 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6378 { # HTTPHeader describes a custom header to be used in HTTP probes 6379 "name": "A String", # The header field name 6380 "value": "A String", # The header field value 6381 }, 6382 ], 6383 "path": "A String", # Path to access on the HTTP server. +optional 6384 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6385 "intVal": 42, # The int value. 6386 "strVal": "A String", # The string value. 6387 "type": 42, # The type of the value. 6388 }, 6389 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6390 }, 6391 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6392 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6393 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6394 "intVal": 42, # The int value. 6395 "strVal": "A String", # The string value. 6396 "type": 42, # The type of the value. 6397 }, 6398 }, 6399 }, 6400 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6401 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6402 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6403 "A String", 6404 ], 6405 }, 6406 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6407 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6408 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6409 { # HTTPHeader describes a custom header to be used in HTTP probes 6410 "name": "A String", # The header field name 6411 "value": "A String", # The header field value 6412 }, 6413 ], 6414 "path": "A String", # Path to access on the HTTP server. +optional 6415 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6416 "intVal": 42, # The int value. 6417 "strVal": "A String", # The string value. 6418 "type": 42, # The type of the value. 6419 }, 6420 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6421 }, 6422 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6423 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6424 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6425 "intVal": 42, # The int value. 6426 "strVal": "A String", # The string value. 6427 "type": 42, # The type of the value. 6428 }, 6429 }, 6430 }, 6431 }, 6432 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6433 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6434 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6435 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6436 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6437 "A String", 6438 ], 6439 }, 6440 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6441 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6442 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6443 { # HTTPHeader describes a custom header to be used in HTTP probes 6444 "name": "A String", # The header field name 6445 "value": "A String", # The header field value 6446 }, 6447 ], 6448 "path": "A String", # Path to access on the HTTP server. +optional 6449 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6450 "intVal": 42, # The int value. 6451 "strVal": "A String", # The string value. 6452 "type": 42, # The type of the value. 6453 }, 6454 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6455 }, 6456 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6457 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6458 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6459 "intVal": 42, # The int value. 6460 "strVal": "A String", # The string value. 6461 "type": 42, # The type of the value. 6462 }, 6463 }, 6464 }, 6465 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6466 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6467 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6468 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6469 }, 6470 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 6471 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 6472 { # ContainerPort represents a network port in a single container. 6473 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 6474 "hostIP": "A String", # What host IP to bind the external port to. +optional 6475 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 6476 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 6477 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 6478 }, 6479 ], 6480 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6481 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6482 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6483 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6484 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6485 "A String", 6486 ], 6487 }, 6488 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6489 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6490 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6491 { # HTTPHeader describes a custom header to be used in HTTP probes 6492 "name": "A String", # The header field name 6493 "value": "A String", # The header field value 6494 }, 6495 ], 6496 "path": "A String", # Path to access on the HTTP server. +optional 6497 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6498 "intVal": 42, # The int value. 6499 "strVal": "A String", # The string value. 6500 "type": 42, # The type of the value. 6501 }, 6502 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6503 }, 6504 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6505 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6506 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6507 "intVal": 42, # The int value. 6508 "strVal": "A String", # The string value. 6509 "type": 42, # The type of the value. 6510 }, 6511 }, 6512 }, 6513 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6514 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6515 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6516 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6517 }, 6518 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 6519 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6520 "a_key": "A String", 6521 }, 6522 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 6523 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6524 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6525 }, 6526 }, 6527 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6528 "a_key": "A String", 6529 }, 6530 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 6531 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6532 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6533 }, 6534 }, 6535 }, 6536 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 6537 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 6538 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 6539 "add": [ # Added capabilities +optional 6540 "A String", 6541 ], 6542 "drop": [ # Removed capabilities +optional 6543 "A String", 6544 ], 6545 }, 6546 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 6547 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 6548 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6549 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6550 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6551 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6552 "level": "A String", # Level is SELinux level label that applies to the container. +optional 6553 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 6554 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 6555 "user": "A String", # User is a SELinux user label that applies to the container. +optional 6556 }, 6557 }, 6558 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 6559 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 6560 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 6561 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 6562 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 6563 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 6564 { # volumeDevice describes a mapping of a raw block device within a container. 6565 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 6566 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 6567 }, 6568 ], 6569 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 6570 { # VolumeMount describes a mounting of a Volume within a container. 6571 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 6572 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 6573 "name": "A String", # This must match the Name of a Volume. 6574 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 6575 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 6576 }, 6577 ], 6578 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 6579 }, 6580 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 6581 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 6582 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 6583 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6584 "A String", 6585 ], 6586 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6587 "A String", 6588 ], 6589 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 6590 { # EnvVar represents an environment variable present in a Container. 6591 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 6592 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 6593 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 6594 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 6595 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 6596 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6597 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6598 }, 6599 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 6600 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6601 }, 6602 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6603 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6604 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6605 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6606 }, 6607 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6608 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6609 }, 6610 }, 6611 }, 6612 ], 6613 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6614 { # EnvFromSource represents the source of a set of ConfigMaps 6615 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6616 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6617 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6618 }, 6619 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6620 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6621 }, 6622 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6623 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6624 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6625 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6626 }, 6627 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6628 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6629 }, 6630 }, 6631 ], 6632 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6633 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6634 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6635 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6636 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6637 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6638 "A String", 6639 ], 6640 }, 6641 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6642 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6643 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6644 { # HTTPHeader describes a custom header to be used in HTTP probes 6645 "name": "A String", # The header field name 6646 "value": "A String", # The header field value 6647 }, 6648 ], 6649 "path": "A String", # Path to access on the HTTP server. +optional 6650 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6651 "intVal": 42, # The int value. 6652 "strVal": "A String", # The string value. 6653 "type": 42, # The type of the value. 6654 }, 6655 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6656 }, 6657 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6658 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6659 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6660 "intVal": 42, # The int value. 6661 "strVal": "A String", # The string value. 6662 "type": 42, # The type of the value. 6663 }, 6664 }, 6665 }, 6666 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6667 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6668 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6669 "A String", 6670 ], 6671 }, 6672 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6673 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6674 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6675 { # HTTPHeader describes a custom header to be used in HTTP probes 6676 "name": "A String", # The header field name 6677 "value": "A String", # The header field value 6678 }, 6679 ], 6680 "path": "A String", # Path to access on the HTTP server. +optional 6681 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6682 "intVal": 42, # The int value. 6683 "strVal": "A String", # The string value. 6684 "type": 42, # The type of the value. 6685 }, 6686 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6687 }, 6688 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6689 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6690 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6691 "intVal": 42, # The int value. 6692 "strVal": "A String", # The string value. 6693 "type": 42, # The type of the value. 6694 }, 6695 }, 6696 }, 6697 }, 6698 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6699 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6700 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6701 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6702 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6703 "A String", 6704 ], 6705 }, 6706 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6707 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6708 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6709 { # HTTPHeader describes a custom header to be used in HTTP probes 6710 "name": "A String", # The header field name 6711 "value": "A String", # The header field value 6712 }, 6713 ], 6714 "path": "A String", # Path to access on the HTTP server. +optional 6715 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6716 "intVal": 42, # The int value. 6717 "strVal": "A String", # The string value. 6718 "type": 42, # The type of the value. 6719 }, 6720 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6721 }, 6722 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6723 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6724 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6725 "intVal": 42, # The int value. 6726 "strVal": "A String", # The string value. 6727 "type": 42, # The type of the value. 6728 }, 6729 }, 6730 }, 6731 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6732 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6733 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6734 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6735 }, 6736 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 6737 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 6738 { # ContainerPort represents a network port in a single container. 6739 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 6740 "hostIP": "A String", # What host IP to bind the external port to. +optional 6741 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 6742 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 6743 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 6744 }, 6745 ], 6746 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6747 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6748 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6749 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6750 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6751 "A String", 6752 ], 6753 }, 6754 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6755 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6756 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6757 { # HTTPHeader describes a custom header to be used in HTTP probes 6758 "name": "A String", # The header field name 6759 "value": "A String", # The header field value 6760 }, 6761 ], 6762 "path": "A String", # Path to access on the HTTP server. +optional 6763 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6764 "intVal": 42, # The int value. 6765 "strVal": "A String", # The string value. 6766 "type": 42, # The type of the value. 6767 }, 6768 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6769 }, 6770 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6771 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6772 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6773 "intVal": 42, # The int value. 6774 "strVal": "A String", # The string value. 6775 "type": 42, # The type of the value. 6776 }, 6777 }, 6778 }, 6779 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6780 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6781 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6782 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6783 }, 6784 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 6785 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6786 "a_key": "A String", 6787 }, 6788 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 6789 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6790 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6791 }, 6792 }, 6793 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6794 "a_key": "A String", 6795 }, 6796 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 6797 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6798 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6799 }, 6800 }, 6801 }, 6802 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 6803 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 6804 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 6805 "add": [ # Added capabilities +optional 6806 "A String", 6807 ], 6808 "drop": [ # Removed capabilities +optional 6809 "A String", 6810 ], 6811 }, 6812 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 6813 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 6814 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6815 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6816 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6817 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6818 "level": "A String", # Level is SELinux level label that applies to the container. +optional 6819 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 6820 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 6821 "user": "A String", # User is a SELinux user label that applies to the container. +optional 6822 }, 6823 }, 6824 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 6825 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 6826 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 6827 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 6828 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 6829 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 6830 { # volumeDevice describes a mapping of a raw block device within a container. 6831 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 6832 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 6833 }, 6834 ], 6835 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 6836 { # VolumeMount describes a mounting of a Volume within a container. 6837 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 6838 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 6839 "name": "A String", # This must match the Name of a Volume. 6840 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 6841 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 6842 }, 6843 ], 6844 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 6845 }, 6846 ], 6847 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 6848 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 6849 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 6850 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 6851 "volumes": [ 6852 { # Volume represents a named volume in a container. 6853 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 6854 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6855 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6856 { # Maps a string key to a path within a volume. 6857 "key": "A String", # The key to project. 6858 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6859 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6860 }, 6861 ], 6862 "name": "A String", # Name of the config. 6863 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6864 }, 6865 "name": "A String", # Volume's name. 6866 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 6867 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6868 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6869 { # Maps a string key to a path within a volume. 6870 "key": "A String", # The key to project. 6871 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6872 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6873 }, 6874 ], 6875 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6876 "secretName": "A String", # Name of the secret in the container's namespace to use. 6877 }, 6878 }, 6879 ], 6880 }, 6881 }, 6882 }, 6883 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 6884 "A String", 6885 ], 6886 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 6887 }, 6888 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 6889 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 6890 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 6891 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 6892 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 6893 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 6894 "a_key": "A String", 6895 }, 6896 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 6897 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6898 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 6899 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6900 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 6901 "A String", 6902 ], 6903 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 6904 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 6905 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 6906 "a_key": "A String", 6907 }, 6908 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 6909 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 6910 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 6911 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 6912 "apiVersion": "A String", # API version of the referent. 6913 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 6914 "controller": True or False, # If true, this reference points to the managing controller. +optional 6915 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 6916 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 6917 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 6918 }, 6919 ], 6920 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 6921 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 6922 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 6923 }, 6924 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 6925 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 6926 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 6927 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6928 "A String", 6929 ], 6930 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6931 "A String", 6932 ], 6933 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 6934 { # EnvVar represents an environment variable present in a Container. 6935 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 6936 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 6937 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 6938 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 6939 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 6940 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6941 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6942 }, 6943 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 6944 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6945 }, 6946 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6947 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6948 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6949 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6950 }, 6951 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6952 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6953 }, 6954 }, 6955 }, 6956 ], 6957 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6958 { # EnvFromSource represents the source of a set of ConfigMaps 6959 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6960 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6961 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6962 }, 6963 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6964 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6965 }, 6966 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6967 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6968 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6969 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6970 }, 6971 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6972 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6973 }, 6974 }, 6975 ], 6976 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6977 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6978 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6979 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6980 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6981 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6982 "A String", 6983 ], 6984 }, 6985 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6986 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6987 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6988 { # HTTPHeader describes a custom header to be used in HTTP probes 6989 "name": "A String", # The header field name 6990 "value": "A String", # The header field value 6991 }, 6992 ], 6993 "path": "A String", # Path to access on the HTTP server. +optional 6994 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6995 "intVal": 42, # The int value. 6996 "strVal": "A String", # The string value. 6997 "type": 42, # The type of the value. 6998 }, 6999 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7000 }, 7001 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7002 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7003 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7004 "intVal": 42, # The int value. 7005 "strVal": "A String", # The string value. 7006 "type": 42, # The type of the value. 7007 }, 7008 }, 7009 }, 7010 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7011 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7012 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7013 "A String", 7014 ], 7015 }, 7016 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7017 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7018 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7019 { # HTTPHeader describes a custom header to be used in HTTP probes 7020 "name": "A String", # The header field name 7021 "value": "A String", # The header field value 7022 }, 7023 ], 7024 "path": "A String", # Path to access on the HTTP server. +optional 7025 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7026 "intVal": 42, # The int value. 7027 "strVal": "A String", # The string value. 7028 "type": 42, # The type of the value. 7029 }, 7030 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7031 }, 7032 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7033 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7034 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7035 "intVal": 42, # The int value. 7036 "strVal": "A String", # The string value. 7037 "type": 42, # The type of the value. 7038 }, 7039 }, 7040 }, 7041 }, 7042 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7043 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7044 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7045 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7046 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7047 "A String", 7048 ], 7049 }, 7050 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7051 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7052 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7053 { # HTTPHeader describes a custom header to be used in HTTP probes 7054 "name": "A String", # The header field name 7055 "value": "A String", # The header field value 7056 }, 7057 ], 7058 "path": "A String", # Path to access on the HTTP server. +optional 7059 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7060 "intVal": 42, # The int value. 7061 "strVal": "A String", # The string value. 7062 "type": 42, # The type of the value. 7063 }, 7064 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7065 }, 7066 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7067 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7068 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7069 "intVal": 42, # The int value. 7070 "strVal": "A String", # The string value. 7071 "type": 42, # The type of the value. 7072 }, 7073 }, 7074 }, 7075 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7076 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7077 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7078 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7079 }, 7080 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7081 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7082 { # ContainerPort represents a network port in a single container. 7083 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7084 "hostIP": "A String", # What host IP to bind the external port to. +optional 7085 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7086 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7087 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7088 }, 7089 ], 7090 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7091 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7092 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7093 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7094 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7095 "A String", 7096 ], 7097 }, 7098 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7099 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7100 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7101 { # HTTPHeader describes a custom header to be used in HTTP probes 7102 "name": "A String", # The header field name 7103 "value": "A String", # The header field value 7104 }, 7105 ], 7106 "path": "A String", # Path to access on the HTTP server. +optional 7107 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7108 "intVal": 42, # The int value. 7109 "strVal": "A String", # The string value. 7110 "type": 42, # The type of the value. 7111 }, 7112 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7113 }, 7114 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7115 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7116 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7117 "intVal": 42, # The int value. 7118 "strVal": "A String", # The string value. 7119 "type": 42, # The type of the value. 7120 }, 7121 }, 7122 }, 7123 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7124 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7125 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7126 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7127 }, 7128 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 7129 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7130 "a_key": "A String", 7131 }, 7132 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 7133 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7134 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7135 }, 7136 }, 7137 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7138 "a_key": "A String", 7139 }, 7140 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 7141 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7142 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7143 }, 7144 }, 7145 }, 7146 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 7147 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 7148 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 7149 "add": [ # Added capabilities +optional 7150 "A String", 7151 ], 7152 "drop": [ # Removed capabilities +optional 7153 "A String", 7154 ], 7155 }, 7156 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 7157 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 7158 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7159 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7160 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7161 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7162 "level": "A String", # Level is SELinux level label that applies to the container. +optional 7163 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 7164 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 7165 "user": "A String", # User is a SELinux user label that applies to the container. +optional 7166 }, 7167 }, 7168 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 7169 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 7170 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 7171 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 7172 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 7173 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 7174 { # volumeDevice describes a mapping of a raw block device within a container. 7175 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 7176 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 7177 }, 7178 ], 7179 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 7180 { # VolumeMount describes a mounting of a Volume within a container. 7181 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 7182 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 7183 "name": "A String", # This must match the Name of a Volume. 7184 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 7185 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 7186 }, 7187 ], 7188 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 7189 }, 7190 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 7191 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 7192 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 7193 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7194 "A String", 7195 ], 7196 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7197 "A String", 7198 ], 7199 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 7200 { # EnvVar represents an environment variable present in a Container. 7201 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 7202 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 7203 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 7204 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 7205 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 7206 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7207 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7208 }, 7209 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 7210 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 7211 }, 7212 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 7213 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 7214 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7215 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7216 }, 7217 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 7218 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 7219 }, 7220 }, 7221 }, 7222 ], 7223 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 7224 { # EnvFromSource represents the source of a set of ConfigMaps 7225 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 7226 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7227 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7228 }, 7229 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 7230 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 7231 }, 7232 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 7233 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 7234 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7235 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7236 }, 7237 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 7238 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 7239 }, 7240 }, 7241 ], 7242 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 7243 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 7244 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 7245 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7246 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7247 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7248 "A String", 7249 ], 7250 }, 7251 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7252 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7253 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7254 { # HTTPHeader describes a custom header to be used in HTTP probes 7255 "name": "A String", # The header field name 7256 "value": "A String", # The header field value 7257 }, 7258 ], 7259 "path": "A String", # Path to access on the HTTP server. +optional 7260 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7261 "intVal": 42, # The int value. 7262 "strVal": "A String", # The string value. 7263 "type": 42, # The type of the value. 7264 }, 7265 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7266 }, 7267 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7268 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7269 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7270 "intVal": 42, # The int value. 7271 "strVal": "A String", # The string value. 7272 "type": 42, # The type of the value. 7273 }, 7274 }, 7275 }, 7276 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7277 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7278 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7279 "A String", 7280 ], 7281 }, 7282 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7283 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7284 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7285 { # HTTPHeader describes a custom header to be used in HTTP probes 7286 "name": "A String", # The header field name 7287 "value": "A String", # The header field value 7288 }, 7289 ], 7290 "path": "A String", # Path to access on the HTTP server. +optional 7291 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7292 "intVal": 42, # The int value. 7293 "strVal": "A String", # The string value. 7294 "type": 42, # The type of the value. 7295 }, 7296 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7297 }, 7298 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7299 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7300 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7301 "intVal": 42, # The int value. 7302 "strVal": "A String", # The string value. 7303 "type": 42, # The type of the value. 7304 }, 7305 }, 7306 }, 7307 }, 7308 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7309 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7310 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7311 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7312 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7313 "A String", 7314 ], 7315 }, 7316 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7317 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7318 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7319 { # HTTPHeader describes a custom header to be used in HTTP probes 7320 "name": "A String", # The header field name 7321 "value": "A String", # The header field value 7322 }, 7323 ], 7324 "path": "A String", # Path to access on the HTTP server. +optional 7325 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7326 "intVal": 42, # The int value. 7327 "strVal": "A String", # The string value. 7328 "type": 42, # The type of the value. 7329 }, 7330 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7331 }, 7332 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7333 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7334 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7335 "intVal": 42, # The int value. 7336 "strVal": "A String", # The string value. 7337 "type": 42, # The type of the value. 7338 }, 7339 }, 7340 }, 7341 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7342 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7343 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7344 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7345 }, 7346 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7347 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7348 { # ContainerPort represents a network port in a single container. 7349 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7350 "hostIP": "A String", # What host IP to bind the external port to. +optional 7351 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7352 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7353 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7354 }, 7355 ], 7356 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7357 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7358 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7359 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7360 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7361 "A String", 7362 ], 7363 }, 7364 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7365 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7366 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7367 { # HTTPHeader describes a custom header to be used in HTTP probes 7368 "name": "A String", # The header field name 7369 "value": "A String", # The header field value 7370 }, 7371 ], 7372 "path": "A String", # Path to access on the HTTP server. +optional 7373 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7374 "intVal": 42, # The int value. 7375 "strVal": "A String", # The string value. 7376 "type": 42, # The type of the value. 7377 }, 7378 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7379 }, 7380 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7381 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7382 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7383 "intVal": 42, # The int value. 7384 "strVal": "A String", # The string value. 7385 "type": 42, # The type of the value. 7386 }, 7387 }, 7388 }, 7389 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7390 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7391 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7392 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7393 }, 7394 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 7395 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7396 "a_key": "A String", 7397 }, 7398 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 7399 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7400 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7401 }, 7402 }, 7403 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7404 "a_key": "A String", 7405 }, 7406 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 7407 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7408 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7409 }, 7410 }, 7411 }, 7412 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 7413 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 7414 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 7415 "add": [ # Added capabilities +optional 7416 "A String", 7417 ], 7418 "drop": [ # Removed capabilities +optional 7419 "A String", 7420 ], 7421 }, 7422 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 7423 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 7424 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7425 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7426 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7427 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7428 "level": "A String", # Level is SELinux level label that applies to the container. +optional 7429 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 7430 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 7431 "user": "A String", # User is a SELinux user label that applies to the container. +optional 7432 }, 7433 }, 7434 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 7435 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 7436 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 7437 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 7438 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 7439 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 7440 { # volumeDevice describes a mapping of a raw block device within a container. 7441 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 7442 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 7443 }, 7444 ], 7445 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 7446 { # VolumeMount describes a mounting of a Volume within a container. 7447 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 7448 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 7449 "name": "A String", # This must match the Name of a Volume. 7450 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 7451 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 7452 }, 7453 ], 7454 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 7455 }, 7456 ], 7457 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 7458 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 7459 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 7460 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 7461 "volumes": [ 7462 { # Volume represents a named volume in a container. 7463 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 7464 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 7465 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 7466 { # Maps a string key to a path within a volume. 7467 "key": "A String", # The key to project. 7468 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 7469 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 7470 }, 7471 ], 7472 "name": "A String", # Name of the config. 7473 "optional": True or False, # Specify whether the Secret or its keys must be defined. 7474 }, 7475 "name": "A String", # Volume's name. 7476 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 7477 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 7478 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 7479 { # Maps a string key to a path within a volume. 7480 "key": "A String", # The key to project. 7481 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 7482 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 7483 }, 7484 ], 7485 "optional": True or False, # Specify whether the Secret or its keys must be defined. 7486 "secretName": "A String", # Name of the secret in the container's namespace to use. 7487 }, 7488 }, 7489 ], 7490 }, 7491 }, 7492 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 7493 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 7494 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 7495 "a_key": "A String", 7496 }, 7497 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 7498 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 7499 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 7500 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 7501 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 7502 "A String", 7503 ], 7504 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 7505 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 7506 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 7507 "a_key": "A String", 7508 }, 7509 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 7510 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 7511 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 7512 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 7513 "apiVersion": "A String", # API version of the referent. 7514 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 7515 "controller": True or False, # If true, this reference points to the managing controller. +optional 7516 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 7517 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 7518 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 7519 }, 7520 ], 7521 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 7522 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 7523 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 7524 }, 7525 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 7526 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 7527 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 7528 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7529 "A String", 7530 ], 7531 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7532 "A String", 7533 ], 7534 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 7535 { # EnvVar represents an environment variable present in a Container. 7536 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 7537 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 7538 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 7539 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 7540 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 7541 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7542 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7543 }, 7544 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 7545 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 7546 }, 7547 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 7548 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 7549 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7550 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7551 }, 7552 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 7553 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 7554 }, 7555 }, 7556 }, 7557 ], 7558 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 7559 { # EnvFromSource represents the source of a set of ConfigMaps 7560 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 7561 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7562 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7563 }, 7564 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 7565 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 7566 }, 7567 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 7568 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 7569 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7570 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7571 }, 7572 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 7573 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 7574 }, 7575 }, 7576 ], 7577 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 7578 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 7579 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 7580 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7581 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7582 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7583 "A String", 7584 ], 7585 }, 7586 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7587 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7588 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7589 { # HTTPHeader describes a custom header to be used in HTTP probes 7590 "name": "A String", # The header field name 7591 "value": "A String", # The header field value 7592 }, 7593 ], 7594 "path": "A String", # Path to access on the HTTP server. +optional 7595 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7596 "intVal": 42, # The int value. 7597 "strVal": "A String", # The string value. 7598 "type": 42, # The type of the value. 7599 }, 7600 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7601 }, 7602 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7603 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7604 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7605 "intVal": 42, # The int value. 7606 "strVal": "A String", # The string value. 7607 "type": 42, # The type of the value. 7608 }, 7609 }, 7610 }, 7611 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7612 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7613 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7614 "A String", 7615 ], 7616 }, 7617 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7618 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7619 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7620 { # HTTPHeader describes a custom header to be used in HTTP probes 7621 "name": "A String", # The header field name 7622 "value": "A String", # The header field value 7623 }, 7624 ], 7625 "path": "A String", # Path to access on the HTTP server. +optional 7626 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7627 "intVal": 42, # The int value. 7628 "strVal": "A String", # The string value. 7629 "type": 42, # The type of the value. 7630 }, 7631 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7632 }, 7633 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7634 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7635 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7636 "intVal": 42, # The int value. 7637 "strVal": "A String", # The string value. 7638 "type": 42, # The type of the value. 7639 }, 7640 }, 7641 }, 7642 }, 7643 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7644 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7645 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7646 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7647 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7648 "A String", 7649 ], 7650 }, 7651 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7652 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7653 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7654 { # HTTPHeader describes a custom header to be used in HTTP probes 7655 "name": "A String", # The header field name 7656 "value": "A String", # The header field value 7657 }, 7658 ], 7659 "path": "A String", # Path to access on the HTTP server. +optional 7660 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7661 "intVal": 42, # The int value. 7662 "strVal": "A String", # The string value. 7663 "type": 42, # The type of the value. 7664 }, 7665 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7666 }, 7667 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7668 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7669 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7670 "intVal": 42, # The int value. 7671 "strVal": "A String", # The string value. 7672 "type": 42, # The type of the value. 7673 }, 7674 }, 7675 }, 7676 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7677 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7678 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7679 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7680 }, 7681 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7682 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7683 { # ContainerPort represents a network port in a single container. 7684 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7685 "hostIP": "A String", # What host IP to bind the external port to. +optional 7686 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7687 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7688 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7689 }, 7690 ], 7691 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7692 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7693 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7694 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7695 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7696 "A String", 7697 ], 7698 }, 7699 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7700 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7701 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7702 { # HTTPHeader describes a custom header to be used in HTTP probes 7703 "name": "A String", # The header field name 7704 "value": "A String", # The header field value 7705 }, 7706 ], 7707 "path": "A String", # Path to access on the HTTP server. +optional 7708 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7709 "intVal": 42, # The int value. 7710 "strVal": "A String", # The string value. 7711 "type": 42, # The type of the value. 7712 }, 7713 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7714 }, 7715 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7716 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7717 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7718 "intVal": 42, # The int value. 7719 "strVal": "A String", # The string value. 7720 "type": 42, # The type of the value. 7721 }, 7722 }, 7723 }, 7724 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7725 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7726 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7727 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7728 }, 7729 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 7730 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7731 "a_key": "A String", 7732 }, 7733 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 7734 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7735 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7736 }, 7737 }, 7738 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7739 "a_key": "A String", 7740 }, 7741 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 7742 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7743 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7744 }, 7745 }, 7746 }, 7747 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 7748 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 7749 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 7750 "add": [ # Added capabilities +optional 7751 "A String", 7752 ], 7753 "drop": [ # Removed capabilities +optional 7754 "A String", 7755 ], 7756 }, 7757 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 7758 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 7759 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7760 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7761 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7762 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7763 "level": "A String", # Level is SELinux level label that applies to the container. +optional 7764 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 7765 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 7766 "user": "A String", # User is a SELinux user label that applies to the container. +optional 7767 }, 7768 }, 7769 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 7770 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 7771 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 7772 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 7773 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 7774 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 7775 { # volumeDevice describes a mapping of a raw block device within a container. 7776 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 7777 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 7778 }, 7779 ], 7780 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 7781 { # VolumeMount describes a mounting of a Volume within a container. 7782 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 7783 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 7784 "name": "A String", # This must match the Name of a Volume. 7785 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 7786 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 7787 }, 7788 ], 7789 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 7790 }, 7791 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 7792 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 7793 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 7794 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7795 "A String", 7796 ], 7797 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7798 "A String", 7799 ], 7800 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 7801 { # EnvVar represents an environment variable present in a Container. 7802 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 7803 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 7804 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 7805 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 7806 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 7807 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7808 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7809 }, 7810 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 7811 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 7812 }, 7813 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 7814 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 7815 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7816 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7817 }, 7818 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 7819 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 7820 }, 7821 }, 7822 }, 7823 ], 7824 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 7825 { # EnvFromSource represents the source of a set of ConfigMaps 7826 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 7827 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7828 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7829 }, 7830 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 7831 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 7832 }, 7833 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 7834 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 7835 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7836 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7837 }, 7838 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 7839 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 7840 }, 7841 }, 7842 ], 7843 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 7844 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 7845 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 7846 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7847 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7848 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7849 "A String", 7850 ], 7851 }, 7852 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7853 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7854 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7855 { # HTTPHeader describes a custom header to be used in HTTP probes 7856 "name": "A String", # The header field name 7857 "value": "A String", # The header field value 7858 }, 7859 ], 7860 "path": "A String", # Path to access on the HTTP server. +optional 7861 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7862 "intVal": 42, # The int value. 7863 "strVal": "A String", # The string value. 7864 "type": 42, # The type of the value. 7865 }, 7866 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7867 }, 7868 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7869 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7870 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7871 "intVal": 42, # The int value. 7872 "strVal": "A String", # The string value. 7873 "type": 42, # The type of the value. 7874 }, 7875 }, 7876 }, 7877 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7878 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7879 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7880 "A String", 7881 ], 7882 }, 7883 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7884 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7885 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7886 { # HTTPHeader describes a custom header to be used in HTTP probes 7887 "name": "A String", # The header field name 7888 "value": "A String", # The header field value 7889 }, 7890 ], 7891 "path": "A String", # Path to access on the HTTP server. +optional 7892 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7893 "intVal": 42, # The int value. 7894 "strVal": "A String", # The string value. 7895 "type": 42, # The type of the value. 7896 }, 7897 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7898 }, 7899 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7900 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7901 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7902 "intVal": 42, # The int value. 7903 "strVal": "A String", # The string value. 7904 "type": 42, # The type of the value. 7905 }, 7906 }, 7907 }, 7908 }, 7909 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7910 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7911 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7912 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7913 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7914 "A String", 7915 ], 7916 }, 7917 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7918 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7919 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7920 { # HTTPHeader describes a custom header to be used in HTTP probes 7921 "name": "A String", # The header field name 7922 "value": "A String", # The header field value 7923 }, 7924 ], 7925 "path": "A String", # Path to access on the HTTP server. +optional 7926 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7927 "intVal": 42, # The int value. 7928 "strVal": "A String", # The string value. 7929 "type": 42, # The type of the value. 7930 }, 7931 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7932 }, 7933 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7934 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7935 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7936 "intVal": 42, # The int value. 7937 "strVal": "A String", # The string value. 7938 "type": 42, # The type of the value. 7939 }, 7940 }, 7941 }, 7942 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7943 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7944 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7945 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7946 }, 7947 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7948 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7949 { # ContainerPort represents a network port in a single container. 7950 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7951 "hostIP": "A String", # What host IP to bind the external port to. +optional 7952 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7953 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7954 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7955 }, 7956 ], 7957 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7958 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7959 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7960 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7961 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7962 "A String", 7963 ], 7964 }, 7965 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7966 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7967 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7968 { # HTTPHeader describes a custom header to be used in HTTP probes 7969 "name": "A String", # The header field name 7970 "value": "A String", # The header field value 7971 }, 7972 ], 7973 "path": "A String", # Path to access on the HTTP server. +optional 7974 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7975 "intVal": 42, # The int value. 7976 "strVal": "A String", # The string value. 7977 "type": 42, # The type of the value. 7978 }, 7979 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7980 }, 7981 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7982 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7983 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7984 "intVal": 42, # The int value. 7985 "strVal": "A String", # The string value. 7986 "type": 42, # The type of the value. 7987 }, 7988 }, 7989 }, 7990 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7991 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7992 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7993 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7994 }, 7995 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 7996 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7997 "a_key": "A String", 7998 }, 7999 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 8000 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8001 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8002 }, 8003 }, 8004 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8005 "a_key": "A String", 8006 }, 8007 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 8008 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8009 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8010 }, 8011 }, 8012 }, 8013 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 8014 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 8015 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 8016 "add": [ # Added capabilities +optional 8017 "A String", 8018 ], 8019 "drop": [ # Removed capabilities +optional 8020 "A String", 8021 ], 8022 }, 8023 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 8024 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 8025 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8026 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8027 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8028 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8029 "level": "A String", # Level is SELinux level label that applies to the container. +optional 8030 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 8031 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 8032 "user": "A String", # User is a SELinux user label that applies to the container. +optional 8033 }, 8034 }, 8035 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 8036 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 8037 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 8038 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 8039 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 8040 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 8041 { # volumeDevice describes a mapping of a raw block device within a container. 8042 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 8043 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 8044 }, 8045 ], 8046 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 8047 { # VolumeMount describes a mounting of a Volume within a container. 8048 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 8049 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 8050 "name": "A String", # This must match the Name of a Volume. 8051 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 8052 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 8053 }, 8054 ], 8055 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 8056 }, 8057 ], 8058 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8059 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 8060 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 8061 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 8062 "volumes": [ 8063 { # Volume represents a named volume in a container. 8064 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 8065 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8066 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8067 { # Maps a string key to a path within a volume. 8068 "key": "A String", # The key to project. 8069 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8070 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8071 }, 8072 ], 8073 "name": "A String", # Name of the config. 8074 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8075 }, 8076 "name": "A String", # Volume's name. 8077 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 8078 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8079 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8080 { # Maps a string key to a path within a volume. 8081 "key": "A String", # The key to project. 8082 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8083 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8084 }, 8085 ], 8086 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8087 "secretName": "A String", # Name of the secret in the container's namespace to use. 8088 }, 8089 }, 8090 ], 8091 }, 8092 }, 8093 }, 8094 }, 8095 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 8096 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 8097 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 8098 "a_key": "A String", 8099 }, 8100 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 8101 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8102 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 8103 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8104 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 8105 "A String", 8106 ], 8107 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 8108 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 8109 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 8110 "a_key": "A String", 8111 }, 8112 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 8113 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 8114 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 8115 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 8116 "apiVersion": "A String", # API version of the referent. 8117 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 8118 "controller": True or False, # If true, this reference points to the managing controller. +optional 8119 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 8120 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 8121 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 8122 }, 8123 ], 8124 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 8125 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 8126 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 8127 }, 8128 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 8129 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 8130 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 8131 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8132 "A String", 8133 ], 8134 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8135 "A String", 8136 ], 8137 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 8138 { # EnvVar represents an environment variable present in a Container. 8139 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 8140 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 8141 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 8142 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 8143 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 8144 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8145 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8146 }, 8147 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 8148 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 8149 }, 8150 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 8151 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 8152 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8153 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8154 }, 8155 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 8156 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 8157 }, 8158 }, 8159 }, 8160 ], 8161 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 8162 { # EnvFromSource represents the source of a set of ConfigMaps 8163 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 8164 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8165 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8166 }, 8167 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 8168 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 8169 }, 8170 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 8171 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 8172 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8173 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8174 }, 8175 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 8176 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 8177 }, 8178 }, 8179 ], 8180 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 8181 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 8182 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 8183 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8184 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8185 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8186 "A String", 8187 ], 8188 }, 8189 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8190 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8191 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8192 { # HTTPHeader describes a custom header to be used in HTTP probes 8193 "name": "A String", # The header field name 8194 "value": "A String", # The header field value 8195 }, 8196 ], 8197 "path": "A String", # Path to access on the HTTP server. +optional 8198 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8199 "intVal": 42, # The int value. 8200 "strVal": "A String", # The string value. 8201 "type": 42, # The type of the value. 8202 }, 8203 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8204 }, 8205 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8206 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8207 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8208 "intVal": 42, # The int value. 8209 "strVal": "A String", # The string value. 8210 "type": 42, # The type of the value. 8211 }, 8212 }, 8213 }, 8214 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8215 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8216 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8217 "A String", 8218 ], 8219 }, 8220 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8221 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8222 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8223 { # HTTPHeader describes a custom header to be used in HTTP probes 8224 "name": "A String", # The header field name 8225 "value": "A String", # The header field value 8226 }, 8227 ], 8228 "path": "A String", # Path to access on the HTTP server. +optional 8229 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8230 "intVal": 42, # The int value. 8231 "strVal": "A String", # The string value. 8232 "type": 42, # The type of the value. 8233 }, 8234 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8235 }, 8236 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8237 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8238 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8239 "intVal": 42, # The int value. 8240 "strVal": "A String", # The string value. 8241 "type": 42, # The type of the value. 8242 }, 8243 }, 8244 }, 8245 }, 8246 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8247 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8248 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8249 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8250 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8251 "A String", 8252 ], 8253 }, 8254 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8255 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8256 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8257 { # HTTPHeader describes a custom header to be used in HTTP probes 8258 "name": "A String", # The header field name 8259 "value": "A String", # The header field value 8260 }, 8261 ], 8262 "path": "A String", # Path to access on the HTTP server. +optional 8263 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8264 "intVal": 42, # The int value. 8265 "strVal": "A String", # The string value. 8266 "type": 42, # The type of the value. 8267 }, 8268 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8269 }, 8270 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8271 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8272 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8273 "intVal": 42, # The int value. 8274 "strVal": "A String", # The string value. 8275 "type": 42, # The type of the value. 8276 }, 8277 }, 8278 }, 8279 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8280 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8281 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8282 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8283 }, 8284 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 8285 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 8286 { # ContainerPort represents a network port in a single container. 8287 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 8288 "hostIP": "A String", # What host IP to bind the external port to. +optional 8289 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 8290 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 8291 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 8292 }, 8293 ], 8294 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8295 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8296 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8297 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8298 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8299 "A String", 8300 ], 8301 }, 8302 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8303 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8304 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8305 { # HTTPHeader describes a custom header to be used in HTTP probes 8306 "name": "A String", # The header field name 8307 "value": "A String", # The header field value 8308 }, 8309 ], 8310 "path": "A String", # Path to access on the HTTP server. +optional 8311 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8312 "intVal": 42, # The int value. 8313 "strVal": "A String", # The string value. 8314 "type": 42, # The type of the value. 8315 }, 8316 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8317 }, 8318 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8319 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8320 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8321 "intVal": 42, # The int value. 8322 "strVal": "A String", # The string value. 8323 "type": 42, # The type of the value. 8324 }, 8325 }, 8326 }, 8327 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8328 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8329 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8330 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8331 }, 8332 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 8333 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8334 "a_key": "A String", 8335 }, 8336 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 8337 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8338 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8339 }, 8340 }, 8341 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8342 "a_key": "A String", 8343 }, 8344 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 8345 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8346 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8347 }, 8348 }, 8349 }, 8350 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 8351 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 8352 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 8353 "add": [ # Added capabilities +optional 8354 "A String", 8355 ], 8356 "drop": [ # Removed capabilities +optional 8357 "A String", 8358 ], 8359 }, 8360 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 8361 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 8362 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8363 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8364 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8365 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8366 "level": "A String", # Level is SELinux level label that applies to the container. +optional 8367 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 8368 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 8369 "user": "A String", # User is a SELinux user label that applies to the container. +optional 8370 }, 8371 }, 8372 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 8373 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 8374 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 8375 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 8376 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 8377 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 8378 { # volumeDevice describes a mapping of a raw block device within a container. 8379 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 8380 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 8381 }, 8382 ], 8383 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 8384 { # VolumeMount describes a mounting of a Volume within a container. 8385 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 8386 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 8387 "name": "A String", # This must match the Name of a Volume. 8388 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 8389 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 8390 }, 8391 ], 8392 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 8393 }, 8394 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 8395 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 8396 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 8397 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8398 "A String", 8399 ], 8400 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8401 "A String", 8402 ], 8403 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 8404 { # EnvVar represents an environment variable present in a Container. 8405 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 8406 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 8407 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 8408 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 8409 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 8410 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8411 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8412 }, 8413 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 8414 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 8415 }, 8416 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 8417 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 8418 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8419 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8420 }, 8421 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 8422 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 8423 }, 8424 }, 8425 }, 8426 ], 8427 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 8428 { # EnvFromSource represents the source of a set of ConfigMaps 8429 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 8430 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8431 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8432 }, 8433 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 8434 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 8435 }, 8436 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 8437 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 8438 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8439 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8440 }, 8441 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 8442 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 8443 }, 8444 }, 8445 ], 8446 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 8447 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 8448 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 8449 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8450 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8451 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8452 "A String", 8453 ], 8454 }, 8455 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8456 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8457 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8458 { # HTTPHeader describes a custom header to be used in HTTP probes 8459 "name": "A String", # The header field name 8460 "value": "A String", # The header field value 8461 }, 8462 ], 8463 "path": "A String", # Path to access on the HTTP server. +optional 8464 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8465 "intVal": 42, # The int value. 8466 "strVal": "A String", # The string value. 8467 "type": 42, # The type of the value. 8468 }, 8469 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8470 }, 8471 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8472 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8473 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8474 "intVal": 42, # The int value. 8475 "strVal": "A String", # The string value. 8476 "type": 42, # The type of the value. 8477 }, 8478 }, 8479 }, 8480 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8481 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8482 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8483 "A String", 8484 ], 8485 }, 8486 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8487 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8488 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8489 { # HTTPHeader describes a custom header to be used in HTTP probes 8490 "name": "A String", # The header field name 8491 "value": "A String", # The header field value 8492 }, 8493 ], 8494 "path": "A String", # Path to access on the HTTP server. +optional 8495 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8496 "intVal": 42, # The int value. 8497 "strVal": "A String", # The string value. 8498 "type": 42, # The type of the value. 8499 }, 8500 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8501 }, 8502 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8503 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8504 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8505 "intVal": 42, # The int value. 8506 "strVal": "A String", # The string value. 8507 "type": 42, # The type of the value. 8508 }, 8509 }, 8510 }, 8511 }, 8512 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8513 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8514 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8515 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8516 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8517 "A String", 8518 ], 8519 }, 8520 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8521 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8522 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8523 { # HTTPHeader describes a custom header to be used in HTTP probes 8524 "name": "A String", # The header field name 8525 "value": "A String", # The header field value 8526 }, 8527 ], 8528 "path": "A String", # Path to access on the HTTP server. +optional 8529 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8530 "intVal": 42, # The int value. 8531 "strVal": "A String", # The string value. 8532 "type": 42, # The type of the value. 8533 }, 8534 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8535 }, 8536 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8537 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8538 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8539 "intVal": 42, # The int value. 8540 "strVal": "A String", # The string value. 8541 "type": 42, # The type of the value. 8542 }, 8543 }, 8544 }, 8545 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8546 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8547 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8548 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8549 }, 8550 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 8551 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 8552 { # ContainerPort represents a network port in a single container. 8553 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 8554 "hostIP": "A String", # What host IP to bind the external port to. +optional 8555 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 8556 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 8557 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 8558 }, 8559 ], 8560 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8561 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8562 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8563 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8564 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8565 "A String", 8566 ], 8567 }, 8568 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8569 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8570 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8571 { # HTTPHeader describes a custom header to be used in HTTP probes 8572 "name": "A String", # The header field name 8573 "value": "A String", # The header field value 8574 }, 8575 ], 8576 "path": "A String", # Path to access on the HTTP server. +optional 8577 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8578 "intVal": 42, # The int value. 8579 "strVal": "A String", # The string value. 8580 "type": 42, # The type of the value. 8581 }, 8582 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8583 }, 8584 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8585 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8586 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8587 "intVal": 42, # The int value. 8588 "strVal": "A String", # The string value. 8589 "type": 42, # The type of the value. 8590 }, 8591 }, 8592 }, 8593 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8594 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8595 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8596 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8597 }, 8598 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 8599 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8600 "a_key": "A String", 8601 }, 8602 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 8603 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8604 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8605 }, 8606 }, 8607 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8608 "a_key": "A String", 8609 }, 8610 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 8611 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8612 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8613 }, 8614 }, 8615 }, 8616 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 8617 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 8618 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 8619 "add": [ # Added capabilities +optional 8620 "A String", 8621 ], 8622 "drop": [ # Removed capabilities +optional 8623 "A String", 8624 ], 8625 }, 8626 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 8627 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 8628 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8629 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8630 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8631 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8632 "level": "A String", # Level is SELinux level label that applies to the container. +optional 8633 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 8634 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 8635 "user": "A String", # User is a SELinux user label that applies to the container. +optional 8636 }, 8637 }, 8638 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 8639 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 8640 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 8641 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 8642 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 8643 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 8644 { # volumeDevice describes a mapping of a raw block device within a container. 8645 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 8646 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 8647 }, 8648 ], 8649 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 8650 { # VolumeMount describes a mounting of a Volume within a container. 8651 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 8652 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 8653 "name": "A String", # This must match the Name of a Volume. 8654 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 8655 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 8656 }, 8657 ], 8658 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 8659 }, 8660 ], 8661 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8662 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 8663 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 8664 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 8665 "volumes": [ 8666 { # Volume represents a named volume in a container. 8667 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 8668 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8669 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8670 { # Maps a string key to a path within a volume. 8671 "key": "A String", # The key to project. 8672 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8673 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8674 }, 8675 ], 8676 "name": "A String", # Name of the config. 8677 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8678 }, 8679 "name": "A String", # Volume's name. 8680 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 8681 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8682 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8683 { # Maps a string key to a path within a volume. 8684 "key": "A String", # The key to project. 8685 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8686 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8687 }, 8688 ], 8689 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8690 "secretName": "A String", # Name of the secret in the container's namespace to use. 8691 }, 8692 }, 8693 ], 8694 }, 8695 }, 8696 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 8697 { # TrafficTarget holds a single entry of the routing table for a Route. 8698 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 8699 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 8700 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 8701 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 8702 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 8703 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 8704 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 8705 }, 8706 ], 8707 }, 8708 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 8709 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 8710 "hostname": "A String", # Deprecated - use url instead. 8711 "url": "A String", 8712 }, 8713 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 8714 { # ServiceCondition defines a readiness condition for a Service. 8715 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 8716 "message": "A String", # Human-readable message indicating details about last transition. +optional 8717 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 8718 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 8719 "status": "A String", # Status of the condition, one of True, False, Unknown. 8720 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 8721 }, 8722 ], 8723 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 8724 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 8725 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 8726 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 8727 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 8728 { # TrafficTarget holds a single entry of the routing table for a Route. 8729 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 8730 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 8731 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 8732 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 8733 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 8734 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 8735 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 8736 }, 8737 ], 8738 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 8739 }, 8740}</pre> 8741</div> 8742 8743<div class="method"> 8744 <code class="details" id="delete">delete(name, apiVersion=None, kind=None, orphanDependents=None, propagationPolicy=None, x__xgafv=None)</code> 8745 <pre>Rpc to delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions. 8746 8747Args: 8748 name: string, The name of the service being deleted. If needed, replace {namespace_id} with the project ID. (required) 8749 apiVersion: string, Cloud Run currently ignores this parameter. 8750 kind: string, Cloud Run currently ignores this parameter. 8751 orphanDependents: boolean, Deprecated. Specifies the cascade behavior on delete. Cloud Run only supports cascading behavior, so this must be false. This attribute is deprecated, and is now replaced with PropagationPolicy See https://github.com/kubernetes/kubernetes/issues/46659 for more info. 8752 propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information. 8753 x__xgafv: string, V1 error format. 8754 Allowed values 8755 1 - v1 error format 8756 2 - v2 error format 8757 8758Returns: 8759 An object of the form: 8760 8761 { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`. 8762}</pre> 8763</div> 8764 8765<div class="method"> 8766 <code class="details" id="get">get(name, x__xgafv=None)</code> 8767 <pre>Rpc to get information about a service. 8768 8769Args: 8770 name: string, The name of the service being retrieved. If needed, replace {namespace_id} with the project ID. (required) 8771 x__xgafv: string, V1 error format. 8772 Allowed values 8773 1 - v1 error format 8774 2 - v2 error format 8775 8776Returns: 8777 An object of the form: 8778 8779 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 8780 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 8781 "kind": "A String", # The kind of resource, in this case "Service". 8782 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 8783 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 8784 "a_key": "A String", 8785 }, 8786 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 8787 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8788 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 8789 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8790 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 8791 "A String", 8792 ], 8793 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 8794 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 8795 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 8796 "a_key": "A String", 8797 }, 8798 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 8799 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 8800 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 8801 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 8802 "apiVersion": "A String", # API version of the referent. 8803 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 8804 "controller": True or False, # If true, this reference points to the managing controller. +optional 8805 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 8806 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 8807 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 8808 }, 8809 ], 8810 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 8811 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 8812 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 8813 }, 8814 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 8815 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8816 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 8817 }, 8818 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 8819 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 8820 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8821 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 8822 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 8823 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 8824 "a_key": "A String", 8825 }, 8826 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 8827 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8828 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 8829 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8830 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 8831 "A String", 8832 ], 8833 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 8834 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 8835 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 8836 "a_key": "A String", 8837 }, 8838 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 8839 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 8840 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 8841 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 8842 "apiVersion": "A String", # API version of the referent. 8843 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 8844 "controller": True or False, # If true, this reference points to the managing controller. +optional 8845 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 8846 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 8847 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 8848 }, 8849 ], 8850 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 8851 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 8852 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 8853 }, 8854 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 8855 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 8856 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 8857 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8858 "A String", 8859 ], 8860 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8861 "A String", 8862 ], 8863 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 8864 { # EnvVar represents an environment variable present in a Container. 8865 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 8866 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 8867 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 8868 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 8869 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 8870 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8871 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8872 }, 8873 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 8874 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 8875 }, 8876 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 8877 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 8878 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8879 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8880 }, 8881 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 8882 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 8883 }, 8884 }, 8885 }, 8886 ], 8887 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 8888 { # EnvFromSource represents the source of a set of ConfigMaps 8889 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 8890 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8891 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8892 }, 8893 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 8894 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 8895 }, 8896 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 8897 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 8898 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8899 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8900 }, 8901 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 8902 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 8903 }, 8904 }, 8905 ], 8906 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 8907 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 8908 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 8909 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8910 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8911 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8912 "A String", 8913 ], 8914 }, 8915 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8916 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8917 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8918 { # HTTPHeader describes a custom header to be used in HTTP probes 8919 "name": "A String", # The header field name 8920 "value": "A String", # The header field value 8921 }, 8922 ], 8923 "path": "A String", # Path to access on the HTTP server. +optional 8924 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8925 "intVal": 42, # The int value. 8926 "strVal": "A String", # The string value. 8927 "type": 42, # The type of the value. 8928 }, 8929 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8930 }, 8931 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8932 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8933 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8934 "intVal": 42, # The int value. 8935 "strVal": "A String", # The string value. 8936 "type": 42, # The type of the value. 8937 }, 8938 }, 8939 }, 8940 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8941 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8942 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8943 "A String", 8944 ], 8945 }, 8946 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8947 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8948 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8949 { # HTTPHeader describes a custom header to be used in HTTP probes 8950 "name": "A String", # The header field name 8951 "value": "A String", # The header field value 8952 }, 8953 ], 8954 "path": "A String", # Path to access on the HTTP server. +optional 8955 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8956 "intVal": 42, # The int value. 8957 "strVal": "A String", # The string value. 8958 "type": 42, # The type of the value. 8959 }, 8960 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8961 }, 8962 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8963 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8964 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8965 "intVal": 42, # The int value. 8966 "strVal": "A String", # The string value. 8967 "type": 42, # The type of the value. 8968 }, 8969 }, 8970 }, 8971 }, 8972 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8973 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8974 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8975 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8976 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8977 "A String", 8978 ], 8979 }, 8980 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8981 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8982 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8983 { # HTTPHeader describes a custom header to be used in HTTP probes 8984 "name": "A String", # The header field name 8985 "value": "A String", # The header field value 8986 }, 8987 ], 8988 "path": "A String", # Path to access on the HTTP server. +optional 8989 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8990 "intVal": 42, # The int value. 8991 "strVal": "A String", # The string value. 8992 "type": 42, # The type of the value. 8993 }, 8994 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8995 }, 8996 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8997 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8998 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8999 "intVal": 42, # The int value. 9000 "strVal": "A String", # The string value. 9001 "type": 42, # The type of the value. 9002 }, 9003 }, 9004 }, 9005 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9006 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9007 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9008 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9009 }, 9010 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9011 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9012 { # ContainerPort represents a network port in a single container. 9013 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9014 "hostIP": "A String", # What host IP to bind the external port to. +optional 9015 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9016 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9017 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9018 }, 9019 ], 9020 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9021 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9022 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9023 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9024 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9025 "A String", 9026 ], 9027 }, 9028 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9029 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9030 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9031 { # HTTPHeader describes a custom header to be used in HTTP probes 9032 "name": "A String", # The header field name 9033 "value": "A String", # The header field value 9034 }, 9035 ], 9036 "path": "A String", # Path to access on the HTTP server. +optional 9037 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9038 "intVal": 42, # The int value. 9039 "strVal": "A String", # The string value. 9040 "type": 42, # The type of the value. 9041 }, 9042 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9043 }, 9044 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9045 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9046 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9047 "intVal": 42, # The int value. 9048 "strVal": "A String", # The string value. 9049 "type": 42, # The type of the value. 9050 }, 9051 }, 9052 }, 9053 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9054 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9055 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9056 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9057 }, 9058 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9059 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9060 "a_key": "A String", 9061 }, 9062 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9063 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9064 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9065 }, 9066 }, 9067 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9068 "a_key": "A String", 9069 }, 9070 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9071 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9072 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9073 }, 9074 }, 9075 }, 9076 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9077 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9078 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9079 "add": [ # Added capabilities +optional 9080 "A String", 9081 ], 9082 "drop": [ # Removed capabilities +optional 9083 "A String", 9084 ], 9085 }, 9086 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9087 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9088 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9089 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9090 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9091 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9092 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9093 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9094 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9095 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9096 }, 9097 }, 9098 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9099 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9100 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9101 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9102 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9103 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9104 { # volumeDevice describes a mapping of a raw block device within a container. 9105 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9106 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9107 }, 9108 ], 9109 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9110 { # VolumeMount describes a mounting of a Volume within a container. 9111 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9112 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9113 "name": "A String", # This must match the Name of a Volume. 9114 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9115 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9116 }, 9117 ], 9118 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9119 }, 9120 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 9121 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 9122 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 9123 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9124 "A String", 9125 ], 9126 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9127 "A String", 9128 ], 9129 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 9130 { # EnvVar represents an environment variable present in a Container. 9131 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 9132 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 9133 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 9134 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 9135 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 9136 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9137 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9138 }, 9139 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 9140 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 9141 }, 9142 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 9143 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 9144 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9145 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9146 }, 9147 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 9148 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 9149 }, 9150 }, 9151 }, 9152 ], 9153 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 9154 { # EnvFromSource represents the source of a set of ConfigMaps 9155 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 9156 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9157 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9158 }, 9159 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 9160 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 9161 }, 9162 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 9163 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 9164 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9165 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9166 }, 9167 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 9168 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 9169 }, 9170 }, 9171 ], 9172 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 9173 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 9174 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 9175 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9176 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9177 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9178 "A String", 9179 ], 9180 }, 9181 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9182 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9183 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9184 { # HTTPHeader describes a custom header to be used in HTTP probes 9185 "name": "A String", # The header field name 9186 "value": "A String", # The header field value 9187 }, 9188 ], 9189 "path": "A String", # Path to access on the HTTP server. +optional 9190 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9191 "intVal": 42, # The int value. 9192 "strVal": "A String", # The string value. 9193 "type": 42, # The type of the value. 9194 }, 9195 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9196 }, 9197 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9198 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9199 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9200 "intVal": 42, # The int value. 9201 "strVal": "A String", # The string value. 9202 "type": 42, # The type of the value. 9203 }, 9204 }, 9205 }, 9206 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9207 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9208 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9209 "A String", 9210 ], 9211 }, 9212 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9213 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9214 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9215 { # HTTPHeader describes a custom header to be used in HTTP probes 9216 "name": "A String", # The header field name 9217 "value": "A String", # The header field value 9218 }, 9219 ], 9220 "path": "A String", # Path to access on the HTTP server. +optional 9221 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9222 "intVal": 42, # The int value. 9223 "strVal": "A String", # The string value. 9224 "type": 42, # The type of the value. 9225 }, 9226 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9227 }, 9228 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9229 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9230 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9231 "intVal": 42, # The int value. 9232 "strVal": "A String", # The string value. 9233 "type": 42, # The type of the value. 9234 }, 9235 }, 9236 }, 9237 }, 9238 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9239 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9240 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9241 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9242 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9243 "A String", 9244 ], 9245 }, 9246 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9247 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9248 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9249 { # HTTPHeader describes a custom header to be used in HTTP probes 9250 "name": "A String", # The header field name 9251 "value": "A String", # The header field value 9252 }, 9253 ], 9254 "path": "A String", # Path to access on the HTTP server. +optional 9255 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9256 "intVal": 42, # The int value. 9257 "strVal": "A String", # The string value. 9258 "type": 42, # The type of the value. 9259 }, 9260 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9261 }, 9262 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9263 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9264 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9265 "intVal": 42, # The int value. 9266 "strVal": "A String", # The string value. 9267 "type": 42, # The type of the value. 9268 }, 9269 }, 9270 }, 9271 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9272 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9273 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9274 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9275 }, 9276 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9277 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9278 { # ContainerPort represents a network port in a single container. 9279 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9280 "hostIP": "A String", # What host IP to bind the external port to. +optional 9281 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9282 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9283 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9284 }, 9285 ], 9286 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9287 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9288 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9289 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9290 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9291 "A String", 9292 ], 9293 }, 9294 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9295 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9296 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9297 { # HTTPHeader describes a custom header to be used in HTTP probes 9298 "name": "A String", # The header field name 9299 "value": "A String", # The header field value 9300 }, 9301 ], 9302 "path": "A String", # Path to access on the HTTP server. +optional 9303 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9304 "intVal": 42, # The int value. 9305 "strVal": "A String", # The string value. 9306 "type": 42, # The type of the value. 9307 }, 9308 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9309 }, 9310 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9311 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9312 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9313 "intVal": 42, # The int value. 9314 "strVal": "A String", # The string value. 9315 "type": 42, # The type of the value. 9316 }, 9317 }, 9318 }, 9319 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9320 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9321 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9322 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9323 }, 9324 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9325 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9326 "a_key": "A String", 9327 }, 9328 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9329 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9330 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9331 }, 9332 }, 9333 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9334 "a_key": "A String", 9335 }, 9336 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9337 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9338 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9339 }, 9340 }, 9341 }, 9342 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9343 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9344 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9345 "add": [ # Added capabilities +optional 9346 "A String", 9347 ], 9348 "drop": [ # Removed capabilities +optional 9349 "A String", 9350 ], 9351 }, 9352 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9353 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9354 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9355 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9356 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9357 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9358 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9359 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9360 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9361 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9362 }, 9363 }, 9364 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9365 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9366 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9367 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9368 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9369 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9370 { # volumeDevice describes a mapping of a raw block device within a container. 9371 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9372 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9373 }, 9374 ], 9375 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9376 { # VolumeMount describes a mounting of a Volume within a container. 9377 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9378 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9379 "name": "A String", # This must match the Name of a Volume. 9380 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9381 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9382 }, 9383 ], 9384 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9385 }, 9386 ], 9387 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 9388 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 9389 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 9390 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 9391 "volumes": [ 9392 { # Volume represents a named volume in a container. 9393 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 9394 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 9395 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 9396 { # Maps a string key to a path within a volume. 9397 "key": "A String", # The key to project. 9398 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 9399 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 9400 }, 9401 ], 9402 "name": "A String", # Name of the config. 9403 "optional": True or False, # Specify whether the Secret or its keys must be defined. 9404 }, 9405 "name": "A String", # Volume's name. 9406 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 9407 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 9408 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 9409 { # Maps a string key to a path within a volume. 9410 "key": "A String", # The key to project. 9411 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 9412 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 9413 }, 9414 ], 9415 "optional": True or False, # Specify whether the Secret or its keys must be defined. 9416 "secretName": "A String", # Name of the secret in the container's namespace to use. 9417 }, 9418 }, 9419 ], 9420 }, 9421 }, 9422 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 9423 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 9424 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 9425 "a_key": "A String", 9426 }, 9427 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 9428 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 9429 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 9430 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 9431 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 9432 "A String", 9433 ], 9434 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 9435 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 9436 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 9437 "a_key": "A String", 9438 }, 9439 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 9440 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 9441 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 9442 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 9443 "apiVersion": "A String", # API version of the referent. 9444 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 9445 "controller": True or False, # If true, this reference points to the managing controller. +optional 9446 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 9447 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 9448 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 9449 }, 9450 ], 9451 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 9452 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 9453 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 9454 }, 9455 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 9456 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 9457 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 9458 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9459 "A String", 9460 ], 9461 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9462 "A String", 9463 ], 9464 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 9465 { # EnvVar represents an environment variable present in a Container. 9466 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 9467 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 9468 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 9469 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 9470 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 9471 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9472 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9473 }, 9474 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 9475 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 9476 }, 9477 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 9478 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 9479 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9480 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9481 }, 9482 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 9483 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 9484 }, 9485 }, 9486 }, 9487 ], 9488 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 9489 { # EnvFromSource represents the source of a set of ConfigMaps 9490 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 9491 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9492 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9493 }, 9494 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 9495 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 9496 }, 9497 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 9498 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 9499 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9500 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9501 }, 9502 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 9503 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 9504 }, 9505 }, 9506 ], 9507 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 9508 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 9509 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 9510 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9511 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9512 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9513 "A String", 9514 ], 9515 }, 9516 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9517 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9518 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9519 { # HTTPHeader describes a custom header to be used in HTTP probes 9520 "name": "A String", # The header field name 9521 "value": "A String", # The header field value 9522 }, 9523 ], 9524 "path": "A String", # Path to access on the HTTP server. +optional 9525 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9526 "intVal": 42, # The int value. 9527 "strVal": "A String", # The string value. 9528 "type": 42, # The type of the value. 9529 }, 9530 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9531 }, 9532 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9533 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9534 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9535 "intVal": 42, # The int value. 9536 "strVal": "A String", # The string value. 9537 "type": 42, # The type of the value. 9538 }, 9539 }, 9540 }, 9541 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9542 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9543 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9544 "A String", 9545 ], 9546 }, 9547 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9548 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9549 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9550 { # HTTPHeader describes a custom header to be used in HTTP probes 9551 "name": "A String", # The header field name 9552 "value": "A String", # The header field value 9553 }, 9554 ], 9555 "path": "A String", # Path to access on the HTTP server. +optional 9556 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9557 "intVal": 42, # The int value. 9558 "strVal": "A String", # The string value. 9559 "type": 42, # The type of the value. 9560 }, 9561 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9562 }, 9563 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9564 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9565 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9566 "intVal": 42, # The int value. 9567 "strVal": "A String", # The string value. 9568 "type": 42, # The type of the value. 9569 }, 9570 }, 9571 }, 9572 }, 9573 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9574 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9575 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9576 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9577 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9578 "A String", 9579 ], 9580 }, 9581 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9582 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9583 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9584 { # HTTPHeader describes a custom header to be used in HTTP probes 9585 "name": "A String", # The header field name 9586 "value": "A String", # The header field value 9587 }, 9588 ], 9589 "path": "A String", # Path to access on the HTTP server. +optional 9590 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9591 "intVal": 42, # The int value. 9592 "strVal": "A String", # The string value. 9593 "type": 42, # The type of the value. 9594 }, 9595 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9596 }, 9597 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9598 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9599 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9600 "intVal": 42, # The int value. 9601 "strVal": "A String", # The string value. 9602 "type": 42, # The type of the value. 9603 }, 9604 }, 9605 }, 9606 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9607 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9608 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9609 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9610 }, 9611 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9612 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9613 { # ContainerPort represents a network port in a single container. 9614 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9615 "hostIP": "A String", # What host IP to bind the external port to. +optional 9616 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9617 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9618 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9619 }, 9620 ], 9621 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9622 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9623 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9624 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9625 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9626 "A String", 9627 ], 9628 }, 9629 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9630 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9631 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9632 { # HTTPHeader describes a custom header to be used in HTTP probes 9633 "name": "A String", # The header field name 9634 "value": "A String", # The header field value 9635 }, 9636 ], 9637 "path": "A String", # Path to access on the HTTP server. +optional 9638 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9639 "intVal": 42, # The int value. 9640 "strVal": "A String", # The string value. 9641 "type": 42, # The type of the value. 9642 }, 9643 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9644 }, 9645 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9646 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9647 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9648 "intVal": 42, # The int value. 9649 "strVal": "A String", # The string value. 9650 "type": 42, # The type of the value. 9651 }, 9652 }, 9653 }, 9654 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9655 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9656 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9657 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9658 }, 9659 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9660 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9661 "a_key": "A String", 9662 }, 9663 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9664 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9665 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9666 }, 9667 }, 9668 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9669 "a_key": "A String", 9670 }, 9671 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9672 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9673 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9674 }, 9675 }, 9676 }, 9677 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9678 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9679 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9680 "add": [ # Added capabilities +optional 9681 "A String", 9682 ], 9683 "drop": [ # Removed capabilities +optional 9684 "A String", 9685 ], 9686 }, 9687 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9688 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9689 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9690 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9691 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9692 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9693 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9694 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9695 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9696 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9697 }, 9698 }, 9699 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9700 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9701 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9702 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9703 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9704 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9705 { # volumeDevice describes a mapping of a raw block device within a container. 9706 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9707 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9708 }, 9709 ], 9710 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9711 { # VolumeMount describes a mounting of a Volume within a container. 9712 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9713 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9714 "name": "A String", # This must match the Name of a Volume. 9715 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9716 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9717 }, 9718 ], 9719 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9720 }, 9721 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 9722 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 9723 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 9724 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9725 "A String", 9726 ], 9727 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9728 "A String", 9729 ], 9730 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 9731 { # EnvVar represents an environment variable present in a Container. 9732 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 9733 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 9734 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 9735 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 9736 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 9737 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9738 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9739 }, 9740 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 9741 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 9742 }, 9743 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 9744 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 9745 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9746 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9747 }, 9748 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 9749 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 9750 }, 9751 }, 9752 }, 9753 ], 9754 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 9755 { # EnvFromSource represents the source of a set of ConfigMaps 9756 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 9757 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9758 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9759 }, 9760 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 9761 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 9762 }, 9763 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 9764 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 9765 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9766 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9767 }, 9768 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 9769 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 9770 }, 9771 }, 9772 ], 9773 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 9774 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 9775 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 9776 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9777 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9778 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9779 "A String", 9780 ], 9781 }, 9782 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9783 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9784 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9785 { # HTTPHeader describes a custom header to be used in HTTP probes 9786 "name": "A String", # The header field name 9787 "value": "A String", # The header field value 9788 }, 9789 ], 9790 "path": "A String", # Path to access on the HTTP server. +optional 9791 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9792 "intVal": 42, # The int value. 9793 "strVal": "A String", # The string value. 9794 "type": 42, # The type of the value. 9795 }, 9796 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9797 }, 9798 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9799 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9800 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9801 "intVal": 42, # The int value. 9802 "strVal": "A String", # The string value. 9803 "type": 42, # The type of the value. 9804 }, 9805 }, 9806 }, 9807 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9808 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9809 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9810 "A String", 9811 ], 9812 }, 9813 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9814 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9815 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9816 { # HTTPHeader describes a custom header to be used in HTTP probes 9817 "name": "A String", # The header field name 9818 "value": "A String", # The header field value 9819 }, 9820 ], 9821 "path": "A String", # Path to access on the HTTP server. +optional 9822 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9823 "intVal": 42, # The int value. 9824 "strVal": "A String", # The string value. 9825 "type": 42, # The type of the value. 9826 }, 9827 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9828 }, 9829 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9830 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9831 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9832 "intVal": 42, # The int value. 9833 "strVal": "A String", # The string value. 9834 "type": 42, # The type of the value. 9835 }, 9836 }, 9837 }, 9838 }, 9839 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9840 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9841 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9842 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9843 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9844 "A String", 9845 ], 9846 }, 9847 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9848 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9849 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9850 { # HTTPHeader describes a custom header to be used in HTTP probes 9851 "name": "A String", # The header field name 9852 "value": "A String", # The header field value 9853 }, 9854 ], 9855 "path": "A String", # Path to access on the HTTP server. +optional 9856 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9857 "intVal": 42, # The int value. 9858 "strVal": "A String", # The string value. 9859 "type": 42, # The type of the value. 9860 }, 9861 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9862 }, 9863 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9864 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9865 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9866 "intVal": 42, # The int value. 9867 "strVal": "A String", # The string value. 9868 "type": 42, # The type of the value. 9869 }, 9870 }, 9871 }, 9872 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9873 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9874 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9875 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9876 }, 9877 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9878 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9879 { # ContainerPort represents a network port in a single container. 9880 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9881 "hostIP": "A String", # What host IP to bind the external port to. +optional 9882 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9883 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9884 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9885 }, 9886 ], 9887 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9888 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9889 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9890 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9891 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9892 "A String", 9893 ], 9894 }, 9895 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9896 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9897 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9898 { # HTTPHeader describes a custom header to be used in HTTP probes 9899 "name": "A String", # The header field name 9900 "value": "A String", # The header field value 9901 }, 9902 ], 9903 "path": "A String", # Path to access on the HTTP server. +optional 9904 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9905 "intVal": 42, # The int value. 9906 "strVal": "A String", # The string value. 9907 "type": 42, # The type of the value. 9908 }, 9909 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9910 }, 9911 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9912 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9913 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9914 "intVal": 42, # The int value. 9915 "strVal": "A String", # The string value. 9916 "type": 42, # The type of the value. 9917 }, 9918 }, 9919 }, 9920 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9921 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9922 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9923 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9924 }, 9925 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9926 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9927 "a_key": "A String", 9928 }, 9929 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9930 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9931 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9932 }, 9933 }, 9934 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9935 "a_key": "A String", 9936 }, 9937 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9938 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9939 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9940 }, 9941 }, 9942 }, 9943 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9944 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9945 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9946 "add": [ # Added capabilities +optional 9947 "A String", 9948 ], 9949 "drop": [ # Removed capabilities +optional 9950 "A String", 9951 ], 9952 }, 9953 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9954 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9955 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9956 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9957 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9958 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9959 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9960 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9961 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9962 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9963 }, 9964 }, 9965 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9966 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9967 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9968 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9969 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9970 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9971 { # volumeDevice describes a mapping of a raw block device within a container. 9972 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9973 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9974 }, 9975 ], 9976 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9977 { # VolumeMount describes a mounting of a Volume within a container. 9978 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9979 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9980 "name": "A String", # This must match the Name of a Volume. 9981 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9982 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9983 }, 9984 ], 9985 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9986 }, 9987 ], 9988 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 9989 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 9990 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 9991 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 9992 "volumes": [ 9993 { # Volume represents a named volume in a container. 9994 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 9995 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 9996 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 9997 { # Maps a string key to a path within a volume. 9998 "key": "A String", # The key to project. 9999 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10000 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10001 }, 10002 ], 10003 "name": "A String", # Name of the config. 10004 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10005 }, 10006 "name": "A String", # Volume's name. 10007 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 10008 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 10009 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 10010 { # Maps a string key to a path within a volume. 10011 "key": "A String", # The key to project. 10012 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10013 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10014 }, 10015 ], 10016 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10017 "secretName": "A String", # Name of the secret in the container's namespace to use. 10018 }, 10019 }, 10020 ], 10021 }, 10022 }, 10023 }, 10024 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 10025 }, 10026 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 10027 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 10028 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 10029 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 10030 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 10031 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 10032 "a_key": "A String", 10033 }, 10034 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 10035 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10036 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 10037 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10038 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 10039 "A String", 10040 ], 10041 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 10042 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 10043 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 10044 "a_key": "A String", 10045 }, 10046 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 10047 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 10048 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 10049 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 10050 "apiVersion": "A String", # API version of the referent. 10051 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 10052 "controller": True or False, # If true, this reference points to the managing controller. +optional 10053 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 10054 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 10055 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 10056 }, 10057 ], 10058 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 10059 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 10060 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 10061 }, 10062 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 10063 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 10064 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 10065 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10066 "A String", 10067 ], 10068 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10069 "A String", 10070 ], 10071 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10072 { # EnvVar represents an environment variable present in a Container. 10073 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10074 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10075 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10076 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10077 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10078 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10079 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10080 }, 10081 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10082 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10083 }, 10084 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10085 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10086 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10087 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10088 }, 10089 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10090 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10091 }, 10092 }, 10093 }, 10094 ], 10095 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10096 { # EnvFromSource represents the source of a set of ConfigMaps 10097 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10098 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10099 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10100 }, 10101 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10102 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10103 }, 10104 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10105 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10106 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10107 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10108 }, 10109 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10110 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10111 }, 10112 }, 10113 ], 10114 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10115 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10116 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10117 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10118 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10119 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10120 "A String", 10121 ], 10122 }, 10123 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10124 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10125 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10126 { # HTTPHeader describes a custom header to be used in HTTP probes 10127 "name": "A String", # The header field name 10128 "value": "A String", # The header field value 10129 }, 10130 ], 10131 "path": "A String", # Path to access on the HTTP server. +optional 10132 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10133 "intVal": 42, # The int value. 10134 "strVal": "A String", # The string value. 10135 "type": 42, # The type of the value. 10136 }, 10137 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10138 }, 10139 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10140 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10141 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10142 "intVal": 42, # The int value. 10143 "strVal": "A String", # The string value. 10144 "type": 42, # The type of the value. 10145 }, 10146 }, 10147 }, 10148 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10149 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10150 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10151 "A String", 10152 ], 10153 }, 10154 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10155 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10156 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10157 { # HTTPHeader describes a custom header to be used in HTTP probes 10158 "name": "A String", # The header field name 10159 "value": "A String", # The header field value 10160 }, 10161 ], 10162 "path": "A String", # Path to access on the HTTP server. +optional 10163 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10164 "intVal": 42, # The int value. 10165 "strVal": "A String", # The string value. 10166 "type": 42, # The type of the value. 10167 }, 10168 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10169 }, 10170 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10171 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10172 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10173 "intVal": 42, # The int value. 10174 "strVal": "A String", # The string value. 10175 "type": 42, # The type of the value. 10176 }, 10177 }, 10178 }, 10179 }, 10180 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10181 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10182 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10183 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10184 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10185 "A String", 10186 ], 10187 }, 10188 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10189 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10190 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10191 { # HTTPHeader describes a custom header to be used in HTTP probes 10192 "name": "A String", # The header field name 10193 "value": "A String", # The header field value 10194 }, 10195 ], 10196 "path": "A String", # Path to access on the HTTP server. +optional 10197 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10198 "intVal": 42, # The int value. 10199 "strVal": "A String", # The string value. 10200 "type": 42, # The type of the value. 10201 }, 10202 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10203 }, 10204 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10205 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10206 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10207 "intVal": 42, # The int value. 10208 "strVal": "A String", # The string value. 10209 "type": 42, # The type of the value. 10210 }, 10211 }, 10212 }, 10213 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10214 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10215 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10216 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10217 }, 10218 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 10219 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 10220 { # ContainerPort represents a network port in a single container. 10221 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 10222 "hostIP": "A String", # What host IP to bind the external port to. +optional 10223 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 10224 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 10225 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 10226 }, 10227 ], 10228 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10229 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10230 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10231 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10232 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10233 "A String", 10234 ], 10235 }, 10236 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10237 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10238 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10239 { # HTTPHeader describes a custom header to be used in HTTP probes 10240 "name": "A String", # The header field name 10241 "value": "A String", # The header field value 10242 }, 10243 ], 10244 "path": "A String", # Path to access on the HTTP server. +optional 10245 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10246 "intVal": 42, # The int value. 10247 "strVal": "A String", # The string value. 10248 "type": 42, # The type of the value. 10249 }, 10250 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10251 }, 10252 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10253 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10254 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10255 "intVal": 42, # The int value. 10256 "strVal": "A String", # The string value. 10257 "type": 42, # The type of the value. 10258 }, 10259 }, 10260 }, 10261 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10262 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10263 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10264 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10265 }, 10266 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 10267 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10268 "a_key": "A String", 10269 }, 10270 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 10271 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10272 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10273 }, 10274 }, 10275 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10276 "a_key": "A String", 10277 }, 10278 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 10279 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10280 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10281 }, 10282 }, 10283 }, 10284 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 10285 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 10286 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 10287 "add": [ # Added capabilities +optional 10288 "A String", 10289 ], 10290 "drop": [ # Removed capabilities +optional 10291 "A String", 10292 ], 10293 }, 10294 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 10295 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 10296 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10297 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10298 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10299 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10300 "level": "A String", # Level is SELinux level label that applies to the container. +optional 10301 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 10302 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 10303 "user": "A String", # User is a SELinux user label that applies to the container. +optional 10304 }, 10305 }, 10306 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 10307 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 10308 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 10309 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 10310 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 10311 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 10312 { # volumeDevice describes a mapping of a raw block device within a container. 10313 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 10314 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 10315 }, 10316 ], 10317 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 10318 { # VolumeMount describes a mounting of a Volume within a container. 10319 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 10320 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 10321 "name": "A String", # This must match the Name of a Volume. 10322 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 10323 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 10324 }, 10325 ], 10326 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 10327 }, 10328 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 10329 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 10330 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 10331 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10332 "A String", 10333 ], 10334 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10335 "A String", 10336 ], 10337 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10338 { # EnvVar represents an environment variable present in a Container. 10339 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10340 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10341 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10342 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10343 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10344 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10345 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10346 }, 10347 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10348 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10349 }, 10350 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10351 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10352 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10353 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10354 }, 10355 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10356 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10357 }, 10358 }, 10359 }, 10360 ], 10361 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10362 { # EnvFromSource represents the source of a set of ConfigMaps 10363 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10364 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10365 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10366 }, 10367 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10368 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10369 }, 10370 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10371 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10372 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10373 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10374 }, 10375 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10376 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10377 }, 10378 }, 10379 ], 10380 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10381 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10382 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10383 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10384 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10385 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10386 "A String", 10387 ], 10388 }, 10389 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10390 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10391 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10392 { # HTTPHeader describes a custom header to be used in HTTP probes 10393 "name": "A String", # The header field name 10394 "value": "A String", # The header field value 10395 }, 10396 ], 10397 "path": "A String", # Path to access on the HTTP server. +optional 10398 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10399 "intVal": 42, # The int value. 10400 "strVal": "A String", # The string value. 10401 "type": 42, # The type of the value. 10402 }, 10403 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10404 }, 10405 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10406 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10407 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10408 "intVal": 42, # The int value. 10409 "strVal": "A String", # The string value. 10410 "type": 42, # The type of the value. 10411 }, 10412 }, 10413 }, 10414 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10415 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10416 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10417 "A String", 10418 ], 10419 }, 10420 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10421 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10422 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10423 { # HTTPHeader describes a custom header to be used in HTTP probes 10424 "name": "A String", # The header field name 10425 "value": "A String", # The header field value 10426 }, 10427 ], 10428 "path": "A String", # Path to access on the HTTP server. +optional 10429 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10430 "intVal": 42, # The int value. 10431 "strVal": "A String", # The string value. 10432 "type": 42, # The type of the value. 10433 }, 10434 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10435 }, 10436 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10437 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10438 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10439 "intVal": 42, # The int value. 10440 "strVal": "A String", # The string value. 10441 "type": 42, # The type of the value. 10442 }, 10443 }, 10444 }, 10445 }, 10446 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10447 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10448 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10449 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10450 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10451 "A String", 10452 ], 10453 }, 10454 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10455 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10456 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10457 { # HTTPHeader describes a custom header to be used in HTTP probes 10458 "name": "A String", # The header field name 10459 "value": "A String", # The header field value 10460 }, 10461 ], 10462 "path": "A String", # Path to access on the HTTP server. +optional 10463 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10464 "intVal": 42, # The int value. 10465 "strVal": "A String", # The string value. 10466 "type": 42, # The type of the value. 10467 }, 10468 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10469 }, 10470 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10471 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10472 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10473 "intVal": 42, # The int value. 10474 "strVal": "A String", # The string value. 10475 "type": 42, # The type of the value. 10476 }, 10477 }, 10478 }, 10479 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10480 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10481 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10482 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10483 }, 10484 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 10485 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 10486 { # ContainerPort represents a network port in a single container. 10487 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 10488 "hostIP": "A String", # What host IP to bind the external port to. +optional 10489 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 10490 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 10491 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 10492 }, 10493 ], 10494 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10495 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10496 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10497 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10498 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10499 "A String", 10500 ], 10501 }, 10502 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10503 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10504 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10505 { # HTTPHeader describes a custom header to be used in HTTP probes 10506 "name": "A String", # The header field name 10507 "value": "A String", # The header field value 10508 }, 10509 ], 10510 "path": "A String", # Path to access on the HTTP server. +optional 10511 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10512 "intVal": 42, # The int value. 10513 "strVal": "A String", # The string value. 10514 "type": 42, # The type of the value. 10515 }, 10516 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10517 }, 10518 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10519 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10520 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10521 "intVal": 42, # The int value. 10522 "strVal": "A String", # The string value. 10523 "type": 42, # The type of the value. 10524 }, 10525 }, 10526 }, 10527 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10528 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10529 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10530 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10531 }, 10532 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 10533 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10534 "a_key": "A String", 10535 }, 10536 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 10537 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10538 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10539 }, 10540 }, 10541 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10542 "a_key": "A String", 10543 }, 10544 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 10545 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10546 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10547 }, 10548 }, 10549 }, 10550 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 10551 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 10552 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 10553 "add": [ # Added capabilities +optional 10554 "A String", 10555 ], 10556 "drop": [ # Removed capabilities +optional 10557 "A String", 10558 ], 10559 }, 10560 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 10561 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 10562 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10563 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10564 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10565 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10566 "level": "A String", # Level is SELinux level label that applies to the container. +optional 10567 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 10568 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 10569 "user": "A String", # User is a SELinux user label that applies to the container. +optional 10570 }, 10571 }, 10572 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 10573 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 10574 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 10575 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 10576 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 10577 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 10578 { # volumeDevice describes a mapping of a raw block device within a container. 10579 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 10580 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 10581 }, 10582 ], 10583 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 10584 { # VolumeMount describes a mounting of a Volume within a container. 10585 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 10586 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 10587 "name": "A String", # This must match the Name of a Volume. 10588 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 10589 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 10590 }, 10591 ], 10592 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 10593 }, 10594 ], 10595 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 10596 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 10597 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 10598 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 10599 "volumes": [ 10600 { # Volume represents a named volume in a container. 10601 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 10602 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 10603 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 10604 { # Maps a string key to a path within a volume. 10605 "key": "A String", # The key to project. 10606 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10607 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10608 }, 10609 ], 10610 "name": "A String", # Name of the config. 10611 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10612 }, 10613 "name": "A String", # Volume's name. 10614 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 10615 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 10616 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 10617 { # Maps a string key to a path within a volume. 10618 "key": "A String", # The key to project. 10619 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10620 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10621 }, 10622 ], 10623 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10624 "secretName": "A String", # Name of the secret in the container's namespace to use. 10625 }, 10626 }, 10627 ], 10628 }, 10629 }, 10630 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 10631 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 10632 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 10633 "a_key": "A String", 10634 }, 10635 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 10636 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10637 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 10638 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10639 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 10640 "A String", 10641 ], 10642 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 10643 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 10644 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 10645 "a_key": "A String", 10646 }, 10647 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 10648 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 10649 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 10650 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 10651 "apiVersion": "A String", # API version of the referent. 10652 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 10653 "controller": True or False, # If true, this reference points to the managing controller. +optional 10654 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 10655 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 10656 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 10657 }, 10658 ], 10659 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 10660 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 10661 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 10662 }, 10663 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 10664 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 10665 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 10666 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10667 "A String", 10668 ], 10669 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10670 "A String", 10671 ], 10672 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10673 { # EnvVar represents an environment variable present in a Container. 10674 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10675 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10676 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10677 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10678 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10679 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10680 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10681 }, 10682 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10683 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10684 }, 10685 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10686 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10687 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10688 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10689 }, 10690 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10691 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10692 }, 10693 }, 10694 }, 10695 ], 10696 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10697 { # EnvFromSource represents the source of a set of ConfigMaps 10698 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10699 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10700 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10701 }, 10702 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10703 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10704 }, 10705 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10706 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10707 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10708 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10709 }, 10710 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10711 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10712 }, 10713 }, 10714 ], 10715 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10716 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10717 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10718 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10719 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10720 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10721 "A String", 10722 ], 10723 }, 10724 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10725 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10726 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10727 { # HTTPHeader describes a custom header to be used in HTTP probes 10728 "name": "A String", # The header field name 10729 "value": "A String", # The header field value 10730 }, 10731 ], 10732 "path": "A String", # Path to access on the HTTP server. +optional 10733 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10734 "intVal": 42, # The int value. 10735 "strVal": "A String", # The string value. 10736 "type": 42, # The type of the value. 10737 }, 10738 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10739 }, 10740 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10741 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10742 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10743 "intVal": 42, # The int value. 10744 "strVal": "A String", # The string value. 10745 "type": 42, # The type of the value. 10746 }, 10747 }, 10748 }, 10749 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10750 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10751 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10752 "A String", 10753 ], 10754 }, 10755 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10756 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10757 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10758 { # HTTPHeader describes a custom header to be used in HTTP probes 10759 "name": "A String", # The header field name 10760 "value": "A String", # The header field value 10761 }, 10762 ], 10763 "path": "A String", # Path to access on the HTTP server. +optional 10764 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10765 "intVal": 42, # The int value. 10766 "strVal": "A String", # The string value. 10767 "type": 42, # The type of the value. 10768 }, 10769 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10770 }, 10771 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10772 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10773 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10774 "intVal": 42, # The int value. 10775 "strVal": "A String", # The string value. 10776 "type": 42, # The type of the value. 10777 }, 10778 }, 10779 }, 10780 }, 10781 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10782 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10783 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10784 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10785 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10786 "A String", 10787 ], 10788 }, 10789 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10790 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10791 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10792 { # HTTPHeader describes a custom header to be used in HTTP probes 10793 "name": "A String", # The header field name 10794 "value": "A String", # The header field value 10795 }, 10796 ], 10797 "path": "A String", # Path to access on the HTTP server. +optional 10798 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10799 "intVal": 42, # The int value. 10800 "strVal": "A String", # The string value. 10801 "type": 42, # The type of the value. 10802 }, 10803 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10804 }, 10805 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10806 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10807 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10808 "intVal": 42, # The int value. 10809 "strVal": "A String", # The string value. 10810 "type": 42, # The type of the value. 10811 }, 10812 }, 10813 }, 10814 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10815 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10816 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10817 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10818 }, 10819 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 10820 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 10821 { # ContainerPort represents a network port in a single container. 10822 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 10823 "hostIP": "A String", # What host IP to bind the external port to. +optional 10824 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 10825 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 10826 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 10827 }, 10828 ], 10829 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10830 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10831 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10832 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10833 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10834 "A String", 10835 ], 10836 }, 10837 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10838 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10839 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10840 { # HTTPHeader describes a custom header to be used in HTTP probes 10841 "name": "A String", # The header field name 10842 "value": "A String", # The header field value 10843 }, 10844 ], 10845 "path": "A String", # Path to access on the HTTP server. +optional 10846 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10847 "intVal": 42, # The int value. 10848 "strVal": "A String", # The string value. 10849 "type": 42, # The type of the value. 10850 }, 10851 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10852 }, 10853 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10854 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10855 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10856 "intVal": 42, # The int value. 10857 "strVal": "A String", # The string value. 10858 "type": 42, # The type of the value. 10859 }, 10860 }, 10861 }, 10862 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10863 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10864 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10865 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10866 }, 10867 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 10868 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10869 "a_key": "A String", 10870 }, 10871 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 10872 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10873 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10874 }, 10875 }, 10876 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10877 "a_key": "A String", 10878 }, 10879 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 10880 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10881 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10882 }, 10883 }, 10884 }, 10885 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 10886 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 10887 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 10888 "add": [ # Added capabilities +optional 10889 "A String", 10890 ], 10891 "drop": [ # Removed capabilities +optional 10892 "A String", 10893 ], 10894 }, 10895 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 10896 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 10897 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10898 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10899 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10900 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10901 "level": "A String", # Level is SELinux level label that applies to the container. +optional 10902 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 10903 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 10904 "user": "A String", # User is a SELinux user label that applies to the container. +optional 10905 }, 10906 }, 10907 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 10908 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 10909 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 10910 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 10911 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 10912 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 10913 { # volumeDevice describes a mapping of a raw block device within a container. 10914 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 10915 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 10916 }, 10917 ], 10918 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 10919 { # VolumeMount describes a mounting of a Volume within a container. 10920 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 10921 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 10922 "name": "A String", # This must match the Name of a Volume. 10923 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 10924 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 10925 }, 10926 ], 10927 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 10928 }, 10929 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 10930 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 10931 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 10932 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10933 "A String", 10934 ], 10935 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10936 "A String", 10937 ], 10938 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10939 { # EnvVar represents an environment variable present in a Container. 10940 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10941 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10942 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10943 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10944 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10945 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10946 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10947 }, 10948 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10949 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10950 }, 10951 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10952 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10953 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10954 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10955 }, 10956 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10957 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10958 }, 10959 }, 10960 }, 10961 ], 10962 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10963 { # EnvFromSource represents the source of a set of ConfigMaps 10964 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10965 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10966 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10967 }, 10968 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10969 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10970 }, 10971 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10972 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10973 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10974 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10975 }, 10976 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10977 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10978 }, 10979 }, 10980 ], 10981 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10982 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10983 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10984 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10985 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10986 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10987 "A String", 10988 ], 10989 }, 10990 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10991 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10992 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10993 { # HTTPHeader describes a custom header to be used in HTTP probes 10994 "name": "A String", # The header field name 10995 "value": "A String", # The header field value 10996 }, 10997 ], 10998 "path": "A String", # Path to access on the HTTP server. +optional 10999 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11000 "intVal": 42, # The int value. 11001 "strVal": "A String", # The string value. 11002 "type": 42, # The type of the value. 11003 }, 11004 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11005 }, 11006 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11007 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11008 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11009 "intVal": 42, # The int value. 11010 "strVal": "A String", # The string value. 11011 "type": 42, # The type of the value. 11012 }, 11013 }, 11014 }, 11015 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11016 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11017 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11018 "A String", 11019 ], 11020 }, 11021 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11022 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11023 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11024 { # HTTPHeader describes a custom header to be used in HTTP probes 11025 "name": "A String", # The header field name 11026 "value": "A String", # The header field value 11027 }, 11028 ], 11029 "path": "A String", # Path to access on the HTTP server. +optional 11030 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11031 "intVal": 42, # The int value. 11032 "strVal": "A String", # The string value. 11033 "type": 42, # The type of the value. 11034 }, 11035 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11036 }, 11037 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11038 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11039 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11040 "intVal": 42, # The int value. 11041 "strVal": "A String", # The string value. 11042 "type": 42, # The type of the value. 11043 }, 11044 }, 11045 }, 11046 }, 11047 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11048 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11049 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11050 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11051 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11052 "A String", 11053 ], 11054 }, 11055 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11056 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11057 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11058 { # HTTPHeader describes a custom header to be used in HTTP probes 11059 "name": "A String", # The header field name 11060 "value": "A String", # The header field value 11061 }, 11062 ], 11063 "path": "A String", # Path to access on the HTTP server. +optional 11064 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11065 "intVal": 42, # The int value. 11066 "strVal": "A String", # The string value. 11067 "type": 42, # The type of the value. 11068 }, 11069 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11070 }, 11071 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11072 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11073 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11074 "intVal": 42, # The int value. 11075 "strVal": "A String", # The string value. 11076 "type": 42, # The type of the value. 11077 }, 11078 }, 11079 }, 11080 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11081 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11082 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11083 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11084 }, 11085 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 11086 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 11087 { # ContainerPort represents a network port in a single container. 11088 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 11089 "hostIP": "A String", # What host IP to bind the external port to. +optional 11090 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 11091 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 11092 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 11093 }, 11094 ], 11095 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11096 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11097 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11098 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11099 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11100 "A String", 11101 ], 11102 }, 11103 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11104 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11105 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11106 { # HTTPHeader describes a custom header to be used in HTTP probes 11107 "name": "A String", # The header field name 11108 "value": "A String", # The header field value 11109 }, 11110 ], 11111 "path": "A String", # Path to access on the HTTP server. +optional 11112 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11113 "intVal": 42, # The int value. 11114 "strVal": "A String", # The string value. 11115 "type": 42, # The type of the value. 11116 }, 11117 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11118 }, 11119 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11120 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11121 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11122 "intVal": 42, # The int value. 11123 "strVal": "A String", # The string value. 11124 "type": 42, # The type of the value. 11125 }, 11126 }, 11127 }, 11128 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11129 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11130 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11131 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11132 }, 11133 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 11134 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11135 "a_key": "A String", 11136 }, 11137 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 11138 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11139 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11140 }, 11141 }, 11142 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11143 "a_key": "A String", 11144 }, 11145 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 11146 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11147 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11148 }, 11149 }, 11150 }, 11151 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 11152 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 11153 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 11154 "add": [ # Added capabilities +optional 11155 "A String", 11156 ], 11157 "drop": [ # Removed capabilities +optional 11158 "A String", 11159 ], 11160 }, 11161 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 11162 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 11163 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11164 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11165 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11166 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11167 "level": "A String", # Level is SELinux level label that applies to the container. +optional 11168 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 11169 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 11170 "user": "A String", # User is a SELinux user label that applies to the container. +optional 11171 }, 11172 }, 11173 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 11174 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 11175 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 11176 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 11177 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 11178 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 11179 { # volumeDevice describes a mapping of a raw block device within a container. 11180 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 11181 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 11182 }, 11183 ], 11184 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 11185 { # VolumeMount describes a mounting of a Volume within a container. 11186 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 11187 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 11188 "name": "A String", # This must match the Name of a Volume. 11189 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 11190 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 11191 }, 11192 ], 11193 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 11194 }, 11195 ], 11196 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 11197 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 11198 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 11199 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 11200 "volumes": [ 11201 { # Volume represents a named volume in a container. 11202 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 11203 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11204 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11205 { # Maps a string key to a path within a volume. 11206 "key": "A String", # The key to project. 11207 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11208 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11209 }, 11210 ], 11211 "name": "A String", # Name of the config. 11212 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11213 }, 11214 "name": "A String", # Volume's name. 11215 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 11216 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11217 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11218 { # Maps a string key to a path within a volume. 11219 "key": "A String", # The key to project. 11220 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11221 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11222 }, 11223 ], 11224 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11225 "secretName": "A String", # Name of the secret in the container's namespace to use. 11226 }, 11227 }, 11228 ], 11229 }, 11230 }, 11231 }, 11232 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 11233 "A String", 11234 ], 11235 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 11236 }, 11237 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 11238 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 11239 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 11240 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 11241 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 11242 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 11243 "a_key": "A String", 11244 }, 11245 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 11246 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11247 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 11248 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11249 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 11250 "A String", 11251 ], 11252 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 11253 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 11254 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 11255 "a_key": "A String", 11256 }, 11257 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 11258 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 11259 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 11260 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 11261 "apiVersion": "A String", # API version of the referent. 11262 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 11263 "controller": True or False, # If true, this reference points to the managing controller. +optional 11264 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11265 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 11266 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 11267 }, 11268 ], 11269 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 11270 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 11271 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 11272 }, 11273 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 11274 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 11275 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 11276 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11277 "A String", 11278 ], 11279 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11280 "A String", 11281 ], 11282 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 11283 { # EnvVar represents an environment variable present in a Container. 11284 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 11285 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 11286 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 11287 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 11288 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 11289 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11290 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11291 }, 11292 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 11293 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 11294 }, 11295 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 11296 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 11297 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11298 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11299 }, 11300 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 11301 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 11302 }, 11303 }, 11304 }, 11305 ], 11306 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 11307 { # EnvFromSource represents the source of a set of ConfigMaps 11308 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 11309 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11310 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11311 }, 11312 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 11313 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 11314 }, 11315 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 11316 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 11317 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11318 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11319 }, 11320 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 11321 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 11322 }, 11323 }, 11324 ], 11325 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11326 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 11327 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 11328 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11329 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11330 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11331 "A String", 11332 ], 11333 }, 11334 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11335 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11336 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11337 { # HTTPHeader describes a custom header to be used in HTTP probes 11338 "name": "A String", # The header field name 11339 "value": "A String", # The header field value 11340 }, 11341 ], 11342 "path": "A String", # Path to access on the HTTP server. +optional 11343 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11344 "intVal": 42, # The int value. 11345 "strVal": "A String", # The string value. 11346 "type": 42, # The type of the value. 11347 }, 11348 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11349 }, 11350 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11351 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11352 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11353 "intVal": 42, # The int value. 11354 "strVal": "A String", # The string value. 11355 "type": 42, # The type of the value. 11356 }, 11357 }, 11358 }, 11359 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11360 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11361 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11362 "A String", 11363 ], 11364 }, 11365 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11366 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11367 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11368 { # HTTPHeader describes a custom header to be used in HTTP probes 11369 "name": "A String", # The header field name 11370 "value": "A String", # The header field value 11371 }, 11372 ], 11373 "path": "A String", # Path to access on the HTTP server. +optional 11374 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11375 "intVal": 42, # The int value. 11376 "strVal": "A String", # The string value. 11377 "type": 42, # The type of the value. 11378 }, 11379 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11380 }, 11381 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11382 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11383 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11384 "intVal": 42, # The int value. 11385 "strVal": "A String", # The string value. 11386 "type": 42, # The type of the value. 11387 }, 11388 }, 11389 }, 11390 }, 11391 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11392 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11393 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11394 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11395 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11396 "A String", 11397 ], 11398 }, 11399 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11400 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11401 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11402 { # HTTPHeader describes a custom header to be used in HTTP probes 11403 "name": "A String", # The header field name 11404 "value": "A String", # The header field value 11405 }, 11406 ], 11407 "path": "A String", # Path to access on the HTTP server. +optional 11408 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11409 "intVal": 42, # The int value. 11410 "strVal": "A String", # The string value. 11411 "type": 42, # The type of the value. 11412 }, 11413 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11414 }, 11415 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11416 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11417 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11418 "intVal": 42, # The int value. 11419 "strVal": "A String", # The string value. 11420 "type": 42, # The type of the value. 11421 }, 11422 }, 11423 }, 11424 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11425 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11426 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11427 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11428 }, 11429 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 11430 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 11431 { # ContainerPort represents a network port in a single container. 11432 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 11433 "hostIP": "A String", # What host IP to bind the external port to. +optional 11434 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 11435 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 11436 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 11437 }, 11438 ], 11439 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11440 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11441 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11442 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11443 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11444 "A String", 11445 ], 11446 }, 11447 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11448 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11449 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11450 { # HTTPHeader describes a custom header to be used in HTTP probes 11451 "name": "A String", # The header field name 11452 "value": "A String", # The header field value 11453 }, 11454 ], 11455 "path": "A String", # Path to access on the HTTP server. +optional 11456 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11457 "intVal": 42, # The int value. 11458 "strVal": "A String", # The string value. 11459 "type": 42, # The type of the value. 11460 }, 11461 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11462 }, 11463 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11464 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11465 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11466 "intVal": 42, # The int value. 11467 "strVal": "A String", # The string value. 11468 "type": 42, # The type of the value. 11469 }, 11470 }, 11471 }, 11472 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11473 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11474 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11475 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11476 }, 11477 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 11478 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11479 "a_key": "A String", 11480 }, 11481 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 11482 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11483 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11484 }, 11485 }, 11486 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11487 "a_key": "A String", 11488 }, 11489 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 11490 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11491 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11492 }, 11493 }, 11494 }, 11495 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 11496 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 11497 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 11498 "add": [ # Added capabilities +optional 11499 "A String", 11500 ], 11501 "drop": [ # Removed capabilities +optional 11502 "A String", 11503 ], 11504 }, 11505 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 11506 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 11507 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11508 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11509 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11510 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11511 "level": "A String", # Level is SELinux level label that applies to the container. +optional 11512 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 11513 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 11514 "user": "A String", # User is a SELinux user label that applies to the container. +optional 11515 }, 11516 }, 11517 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 11518 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 11519 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 11520 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 11521 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 11522 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 11523 { # volumeDevice describes a mapping of a raw block device within a container. 11524 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 11525 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 11526 }, 11527 ], 11528 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 11529 { # VolumeMount describes a mounting of a Volume within a container. 11530 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 11531 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 11532 "name": "A String", # This must match the Name of a Volume. 11533 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 11534 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 11535 }, 11536 ], 11537 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 11538 }, 11539 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 11540 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 11541 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 11542 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11543 "A String", 11544 ], 11545 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11546 "A String", 11547 ], 11548 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 11549 { # EnvVar represents an environment variable present in a Container. 11550 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 11551 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 11552 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 11553 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 11554 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 11555 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11556 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11557 }, 11558 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 11559 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 11560 }, 11561 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 11562 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 11563 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11564 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11565 }, 11566 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 11567 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 11568 }, 11569 }, 11570 }, 11571 ], 11572 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 11573 { # EnvFromSource represents the source of a set of ConfigMaps 11574 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 11575 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11576 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11577 }, 11578 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 11579 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 11580 }, 11581 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 11582 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 11583 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11584 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11585 }, 11586 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 11587 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 11588 }, 11589 }, 11590 ], 11591 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11592 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 11593 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 11594 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11595 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11596 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11597 "A String", 11598 ], 11599 }, 11600 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11601 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11602 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11603 { # HTTPHeader describes a custom header to be used in HTTP probes 11604 "name": "A String", # The header field name 11605 "value": "A String", # The header field value 11606 }, 11607 ], 11608 "path": "A String", # Path to access on the HTTP server. +optional 11609 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11610 "intVal": 42, # The int value. 11611 "strVal": "A String", # The string value. 11612 "type": 42, # The type of the value. 11613 }, 11614 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11615 }, 11616 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11617 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11618 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11619 "intVal": 42, # The int value. 11620 "strVal": "A String", # The string value. 11621 "type": 42, # The type of the value. 11622 }, 11623 }, 11624 }, 11625 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11626 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11627 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11628 "A String", 11629 ], 11630 }, 11631 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11632 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11633 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11634 { # HTTPHeader describes a custom header to be used in HTTP probes 11635 "name": "A String", # The header field name 11636 "value": "A String", # The header field value 11637 }, 11638 ], 11639 "path": "A String", # Path to access on the HTTP server. +optional 11640 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11641 "intVal": 42, # The int value. 11642 "strVal": "A String", # The string value. 11643 "type": 42, # The type of the value. 11644 }, 11645 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11646 }, 11647 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11648 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11649 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11650 "intVal": 42, # The int value. 11651 "strVal": "A String", # The string value. 11652 "type": 42, # The type of the value. 11653 }, 11654 }, 11655 }, 11656 }, 11657 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11658 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11659 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11660 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11661 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11662 "A String", 11663 ], 11664 }, 11665 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11666 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11667 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11668 { # HTTPHeader describes a custom header to be used in HTTP probes 11669 "name": "A String", # The header field name 11670 "value": "A String", # The header field value 11671 }, 11672 ], 11673 "path": "A String", # Path to access on the HTTP server. +optional 11674 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11675 "intVal": 42, # The int value. 11676 "strVal": "A String", # The string value. 11677 "type": 42, # The type of the value. 11678 }, 11679 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11680 }, 11681 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11682 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11683 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11684 "intVal": 42, # The int value. 11685 "strVal": "A String", # The string value. 11686 "type": 42, # The type of the value. 11687 }, 11688 }, 11689 }, 11690 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11691 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11692 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11693 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11694 }, 11695 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 11696 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 11697 { # ContainerPort represents a network port in a single container. 11698 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 11699 "hostIP": "A String", # What host IP to bind the external port to. +optional 11700 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 11701 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 11702 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 11703 }, 11704 ], 11705 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11706 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11707 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11708 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11709 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11710 "A String", 11711 ], 11712 }, 11713 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11714 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11715 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11716 { # HTTPHeader describes a custom header to be used in HTTP probes 11717 "name": "A String", # The header field name 11718 "value": "A String", # The header field value 11719 }, 11720 ], 11721 "path": "A String", # Path to access on the HTTP server. +optional 11722 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11723 "intVal": 42, # The int value. 11724 "strVal": "A String", # The string value. 11725 "type": 42, # The type of the value. 11726 }, 11727 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11728 }, 11729 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11730 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11731 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11732 "intVal": 42, # The int value. 11733 "strVal": "A String", # The string value. 11734 "type": 42, # The type of the value. 11735 }, 11736 }, 11737 }, 11738 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11739 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11740 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11741 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11742 }, 11743 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 11744 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11745 "a_key": "A String", 11746 }, 11747 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 11748 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11749 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11750 }, 11751 }, 11752 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11753 "a_key": "A String", 11754 }, 11755 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 11756 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11757 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11758 }, 11759 }, 11760 }, 11761 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 11762 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 11763 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 11764 "add": [ # Added capabilities +optional 11765 "A String", 11766 ], 11767 "drop": [ # Removed capabilities +optional 11768 "A String", 11769 ], 11770 }, 11771 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 11772 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 11773 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11774 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11775 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11776 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11777 "level": "A String", # Level is SELinux level label that applies to the container. +optional 11778 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 11779 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 11780 "user": "A String", # User is a SELinux user label that applies to the container. +optional 11781 }, 11782 }, 11783 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 11784 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 11785 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 11786 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 11787 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 11788 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 11789 { # volumeDevice describes a mapping of a raw block device within a container. 11790 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 11791 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 11792 }, 11793 ], 11794 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 11795 { # VolumeMount describes a mounting of a Volume within a container. 11796 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 11797 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 11798 "name": "A String", # This must match the Name of a Volume. 11799 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 11800 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 11801 }, 11802 ], 11803 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 11804 }, 11805 ], 11806 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 11807 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 11808 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 11809 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 11810 "volumes": [ 11811 { # Volume represents a named volume in a container. 11812 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 11813 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11814 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11815 { # Maps a string key to a path within a volume. 11816 "key": "A String", # The key to project. 11817 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11818 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11819 }, 11820 ], 11821 "name": "A String", # Name of the config. 11822 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11823 }, 11824 "name": "A String", # Volume's name. 11825 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 11826 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11827 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11828 { # Maps a string key to a path within a volume. 11829 "key": "A String", # The key to project. 11830 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11831 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11832 }, 11833 ], 11834 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11835 "secretName": "A String", # Name of the secret in the container's namespace to use. 11836 }, 11837 }, 11838 ], 11839 }, 11840 }, 11841 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 11842 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 11843 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 11844 "a_key": "A String", 11845 }, 11846 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 11847 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11848 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 11849 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11850 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 11851 "A String", 11852 ], 11853 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 11854 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 11855 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 11856 "a_key": "A String", 11857 }, 11858 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 11859 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 11860 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 11861 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 11862 "apiVersion": "A String", # API version of the referent. 11863 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 11864 "controller": True or False, # If true, this reference points to the managing controller. +optional 11865 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11866 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 11867 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 11868 }, 11869 ], 11870 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 11871 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 11872 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 11873 }, 11874 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 11875 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 11876 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 11877 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11878 "A String", 11879 ], 11880 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11881 "A String", 11882 ], 11883 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 11884 { # EnvVar represents an environment variable present in a Container. 11885 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 11886 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 11887 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 11888 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 11889 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 11890 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11891 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11892 }, 11893 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 11894 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 11895 }, 11896 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 11897 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 11898 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11899 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11900 }, 11901 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 11902 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 11903 }, 11904 }, 11905 }, 11906 ], 11907 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 11908 { # EnvFromSource represents the source of a set of ConfigMaps 11909 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 11910 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11911 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11912 }, 11913 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 11914 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 11915 }, 11916 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 11917 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 11918 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11919 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11920 }, 11921 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 11922 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 11923 }, 11924 }, 11925 ], 11926 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11927 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 11928 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 11929 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11930 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11931 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11932 "A String", 11933 ], 11934 }, 11935 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11936 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11937 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11938 { # HTTPHeader describes a custom header to be used in HTTP probes 11939 "name": "A String", # The header field name 11940 "value": "A String", # The header field value 11941 }, 11942 ], 11943 "path": "A String", # Path to access on the HTTP server. +optional 11944 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11945 "intVal": 42, # The int value. 11946 "strVal": "A String", # The string value. 11947 "type": 42, # The type of the value. 11948 }, 11949 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11950 }, 11951 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11952 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11953 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11954 "intVal": 42, # The int value. 11955 "strVal": "A String", # The string value. 11956 "type": 42, # The type of the value. 11957 }, 11958 }, 11959 }, 11960 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11961 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11962 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11963 "A String", 11964 ], 11965 }, 11966 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11967 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11968 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11969 { # HTTPHeader describes a custom header to be used in HTTP probes 11970 "name": "A String", # The header field name 11971 "value": "A String", # The header field value 11972 }, 11973 ], 11974 "path": "A String", # Path to access on the HTTP server. +optional 11975 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11976 "intVal": 42, # The int value. 11977 "strVal": "A String", # The string value. 11978 "type": 42, # The type of the value. 11979 }, 11980 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11981 }, 11982 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11983 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11984 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11985 "intVal": 42, # The int value. 11986 "strVal": "A String", # The string value. 11987 "type": 42, # The type of the value. 11988 }, 11989 }, 11990 }, 11991 }, 11992 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11993 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11994 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11995 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11996 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11997 "A String", 11998 ], 11999 }, 12000 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12001 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12002 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12003 { # HTTPHeader describes a custom header to be used in HTTP probes 12004 "name": "A String", # The header field name 12005 "value": "A String", # The header field value 12006 }, 12007 ], 12008 "path": "A String", # Path to access on the HTTP server. +optional 12009 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12010 "intVal": 42, # The int value. 12011 "strVal": "A String", # The string value. 12012 "type": 42, # The type of the value. 12013 }, 12014 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12015 }, 12016 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12017 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12018 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12019 "intVal": 42, # The int value. 12020 "strVal": "A String", # The string value. 12021 "type": 42, # The type of the value. 12022 }, 12023 }, 12024 }, 12025 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12026 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12027 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12028 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12029 }, 12030 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12031 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12032 { # ContainerPort represents a network port in a single container. 12033 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12034 "hostIP": "A String", # What host IP to bind the external port to. +optional 12035 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12036 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12037 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12038 }, 12039 ], 12040 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12041 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12042 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12043 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12044 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12045 "A String", 12046 ], 12047 }, 12048 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12049 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12050 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12051 { # HTTPHeader describes a custom header to be used in HTTP probes 12052 "name": "A String", # The header field name 12053 "value": "A String", # The header field value 12054 }, 12055 ], 12056 "path": "A String", # Path to access on the HTTP server. +optional 12057 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12058 "intVal": 42, # The int value. 12059 "strVal": "A String", # The string value. 12060 "type": 42, # The type of the value. 12061 }, 12062 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12063 }, 12064 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12065 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12066 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12067 "intVal": 42, # The int value. 12068 "strVal": "A String", # The string value. 12069 "type": 42, # The type of the value. 12070 }, 12071 }, 12072 }, 12073 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12074 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12075 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12076 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12077 }, 12078 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12079 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12080 "a_key": "A String", 12081 }, 12082 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12083 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12084 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12085 }, 12086 }, 12087 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12088 "a_key": "A String", 12089 }, 12090 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12091 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12092 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12093 }, 12094 }, 12095 }, 12096 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12097 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12098 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12099 "add": [ # Added capabilities +optional 12100 "A String", 12101 ], 12102 "drop": [ # Removed capabilities +optional 12103 "A String", 12104 ], 12105 }, 12106 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12107 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12108 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12109 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12110 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12111 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12112 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12113 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12114 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12115 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12116 }, 12117 }, 12118 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12119 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12120 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12121 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 12122 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 12123 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 12124 { # volumeDevice describes a mapping of a raw block device within a container. 12125 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 12126 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 12127 }, 12128 ], 12129 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 12130 { # VolumeMount describes a mounting of a Volume within a container. 12131 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 12132 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 12133 "name": "A String", # This must match the Name of a Volume. 12134 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 12135 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 12136 }, 12137 ], 12138 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 12139 }, 12140 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 12141 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 12142 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 12143 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12144 "A String", 12145 ], 12146 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12147 "A String", 12148 ], 12149 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 12150 { # EnvVar represents an environment variable present in a Container. 12151 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 12152 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 12153 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 12154 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 12155 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 12156 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12157 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12158 }, 12159 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 12160 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 12161 }, 12162 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 12163 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 12164 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12165 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12166 }, 12167 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 12168 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 12169 }, 12170 }, 12171 }, 12172 ], 12173 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 12174 { # EnvFromSource represents the source of a set of ConfigMaps 12175 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 12176 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12177 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12178 }, 12179 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 12180 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 12181 }, 12182 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 12183 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 12184 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12185 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12186 }, 12187 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 12188 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 12189 }, 12190 }, 12191 ], 12192 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 12193 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 12194 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 12195 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12196 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12197 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12198 "A String", 12199 ], 12200 }, 12201 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12202 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12203 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12204 { # HTTPHeader describes a custom header to be used in HTTP probes 12205 "name": "A String", # The header field name 12206 "value": "A String", # The header field value 12207 }, 12208 ], 12209 "path": "A String", # Path to access on the HTTP server. +optional 12210 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12211 "intVal": 42, # The int value. 12212 "strVal": "A String", # The string value. 12213 "type": 42, # The type of the value. 12214 }, 12215 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12216 }, 12217 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12218 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12219 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12220 "intVal": 42, # The int value. 12221 "strVal": "A String", # The string value. 12222 "type": 42, # The type of the value. 12223 }, 12224 }, 12225 }, 12226 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12227 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12228 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12229 "A String", 12230 ], 12231 }, 12232 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12233 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12234 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12235 { # HTTPHeader describes a custom header to be used in HTTP probes 12236 "name": "A String", # The header field name 12237 "value": "A String", # The header field value 12238 }, 12239 ], 12240 "path": "A String", # Path to access on the HTTP server. +optional 12241 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12242 "intVal": 42, # The int value. 12243 "strVal": "A String", # The string value. 12244 "type": 42, # The type of the value. 12245 }, 12246 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12247 }, 12248 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12249 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12250 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12251 "intVal": 42, # The int value. 12252 "strVal": "A String", # The string value. 12253 "type": 42, # The type of the value. 12254 }, 12255 }, 12256 }, 12257 }, 12258 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12259 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12260 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12261 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12262 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12263 "A String", 12264 ], 12265 }, 12266 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12267 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12268 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12269 { # HTTPHeader describes a custom header to be used in HTTP probes 12270 "name": "A String", # The header field name 12271 "value": "A String", # The header field value 12272 }, 12273 ], 12274 "path": "A String", # Path to access on the HTTP server. +optional 12275 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12276 "intVal": 42, # The int value. 12277 "strVal": "A String", # The string value. 12278 "type": 42, # The type of the value. 12279 }, 12280 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12281 }, 12282 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12283 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12284 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12285 "intVal": 42, # The int value. 12286 "strVal": "A String", # The string value. 12287 "type": 42, # The type of the value. 12288 }, 12289 }, 12290 }, 12291 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12292 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12293 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12294 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12295 }, 12296 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12297 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12298 { # ContainerPort represents a network port in a single container. 12299 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12300 "hostIP": "A String", # What host IP to bind the external port to. +optional 12301 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12302 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12303 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12304 }, 12305 ], 12306 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12307 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12308 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12309 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12310 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12311 "A String", 12312 ], 12313 }, 12314 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12315 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12316 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12317 { # HTTPHeader describes a custom header to be used in HTTP probes 12318 "name": "A String", # The header field name 12319 "value": "A String", # The header field value 12320 }, 12321 ], 12322 "path": "A String", # Path to access on the HTTP server. +optional 12323 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12324 "intVal": 42, # The int value. 12325 "strVal": "A String", # The string value. 12326 "type": 42, # The type of the value. 12327 }, 12328 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12329 }, 12330 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12331 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12332 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12333 "intVal": 42, # The int value. 12334 "strVal": "A String", # The string value. 12335 "type": 42, # The type of the value. 12336 }, 12337 }, 12338 }, 12339 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12340 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12341 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12342 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12343 }, 12344 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12345 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12346 "a_key": "A String", 12347 }, 12348 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12349 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12350 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12351 }, 12352 }, 12353 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12354 "a_key": "A String", 12355 }, 12356 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12357 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12358 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12359 }, 12360 }, 12361 }, 12362 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12363 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12364 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12365 "add": [ # Added capabilities +optional 12366 "A String", 12367 ], 12368 "drop": [ # Removed capabilities +optional 12369 "A String", 12370 ], 12371 }, 12372 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12373 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12374 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12375 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12376 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12377 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12378 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12379 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12380 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12381 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12382 }, 12383 }, 12384 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12385 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12386 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12387 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 12388 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 12389 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 12390 { # volumeDevice describes a mapping of a raw block device within a container. 12391 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 12392 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 12393 }, 12394 ], 12395 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 12396 { # VolumeMount describes a mounting of a Volume within a container. 12397 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 12398 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 12399 "name": "A String", # This must match the Name of a Volume. 12400 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 12401 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 12402 }, 12403 ], 12404 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 12405 }, 12406 ], 12407 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 12408 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 12409 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 12410 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 12411 "volumes": [ 12412 { # Volume represents a named volume in a container. 12413 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 12414 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 12415 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 12416 { # Maps a string key to a path within a volume. 12417 "key": "A String", # The key to project. 12418 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 12419 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 12420 }, 12421 ], 12422 "name": "A String", # Name of the config. 12423 "optional": True or False, # Specify whether the Secret or its keys must be defined. 12424 }, 12425 "name": "A String", # Volume's name. 12426 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 12427 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 12428 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 12429 { # Maps a string key to a path within a volume. 12430 "key": "A String", # The key to project. 12431 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 12432 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 12433 }, 12434 ], 12435 "optional": True or False, # Specify whether the Secret or its keys must be defined. 12436 "secretName": "A String", # Name of the secret in the container's namespace to use. 12437 }, 12438 }, 12439 ], 12440 }, 12441 }, 12442 }, 12443 }, 12444 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 12445 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 12446 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 12447 "a_key": "A String", 12448 }, 12449 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 12450 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 12451 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 12452 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 12453 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 12454 "A String", 12455 ], 12456 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 12457 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 12458 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 12459 "a_key": "A String", 12460 }, 12461 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 12462 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 12463 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 12464 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 12465 "apiVersion": "A String", # API version of the referent. 12466 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 12467 "controller": True or False, # If true, this reference points to the managing controller. +optional 12468 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 12469 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 12470 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 12471 }, 12472 ], 12473 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 12474 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 12475 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 12476 }, 12477 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 12478 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 12479 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 12480 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12481 "A String", 12482 ], 12483 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12484 "A String", 12485 ], 12486 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 12487 { # EnvVar represents an environment variable present in a Container. 12488 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 12489 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 12490 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 12491 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 12492 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 12493 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12494 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12495 }, 12496 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 12497 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 12498 }, 12499 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 12500 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 12501 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12502 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12503 }, 12504 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 12505 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 12506 }, 12507 }, 12508 }, 12509 ], 12510 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 12511 { # EnvFromSource represents the source of a set of ConfigMaps 12512 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 12513 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12514 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12515 }, 12516 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 12517 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 12518 }, 12519 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 12520 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 12521 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12522 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12523 }, 12524 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 12525 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 12526 }, 12527 }, 12528 ], 12529 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 12530 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 12531 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 12532 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12533 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12534 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12535 "A String", 12536 ], 12537 }, 12538 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12539 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12540 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12541 { # HTTPHeader describes a custom header to be used in HTTP probes 12542 "name": "A String", # The header field name 12543 "value": "A String", # The header field value 12544 }, 12545 ], 12546 "path": "A String", # Path to access on the HTTP server. +optional 12547 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12548 "intVal": 42, # The int value. 12549 "strVal": "A String", # The string value. 12550 "type": 42, # The type of the value. 12551 }, 12552 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12553 }, 12554 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12555 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12556 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12557 "intVal": 42, # The int value. 12558 "strVal": "A String", # The string value. 12559 "type": 42, # The type of the value. 12560 }, 12561 }, 12562 }, 12563 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12564 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12565 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12566 "A String", 12567 ], 12568 }, 12569 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12570 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12571 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12572 { # HTTPHeader describes a custom header to be used in HTTP probes 12573 "name": "A String", # The header field name 12574 "value": "A String", # The header field value 12575 }, 12576 ], 12577 "path": "A String", # Path to access on the HTTP server. +optional 12578 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12579 "intVal": 42, # The int value. 12580 "strVal": "A String", # The string value. 12581 "type": 42, # The type of the value. 12582 }, 12583 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12584 }, 12585 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12586 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12587 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12588 "intVal": 42, # The int value. 12589 "strVal": "A String", # The string value. 12590 "type": 42, # The type of the value. 12591 }, 12592 }, 12593 }, 12594 }, 12595 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12596 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12597 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12598 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12599 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12600 "A String", 12601 ], 12602 }, 12603 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12604 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12605 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12606 { # HTTPHeader describes a custom header to be used in HTTP probes 12607 "name": "A String", # The header field name 12608 "value": "A String", # The header field value 12609 }, 12610 ], 12611 "path": "A String", # Path to access on the HTTP server. +optional 12612 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12613 "intVal": 42, # The int value. 12614 "strVal": "A String", # The string value. 12615 "type": 42, # The type of the value. 12616 }, 12617 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12618 }, 12619 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12620 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12621 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12622 "intVal": 42, # The int value. 12623 "strVal": "A String", # The string value. 12624 "type": 42, # The type of the value. 12625 }, 12626 }, 12627 }, 12628 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12629 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12630 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12631 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12632 }, 12633 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12634 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12635 { # ContainerPort represents a network port in a single container. 12636 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12637 "hostIP": "A String", # What host IP to bind the external port to. +optional 12638 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12639 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12640 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12641 }, 12642 ], 12643 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12644 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12645 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12646 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12647 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12648 "A String", 12649 ], 12650 }, 12651 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12652 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12653 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12654 { # HTTPHeader describes a custom header to be used in HTTP probes 12655 "name": "A String", # The header field name 12656 "value": "A String", # The header field value 12657 }, 12658 ], 12659 "path": "A String", # Path to access on the HTTP server. +optional 12660 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12661 "intVal": 42, # The int value. 12662 "strVal": "A String", # The string value. 12663 "type": 42, # The type of the value. 12664 }, 12665 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12666 }, 12667 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12668 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12669 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12670 "intVal": 42, # The int value. 12671 "strVal": "A String", # The string value. 12672 "type": 42, # The type of the value. 12673 }, 12674 }, 12675 }, 12676 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12677 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12678 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12679 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12680 }, 12681 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12682 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12683 "a_key": "A String", 12684 }, 12685 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12686 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12687 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12688 }, 12689 }, 12690 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12691 "a_key": "A String", 12692 }, 12693 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12694 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12695 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12696 }, 12697 }, 12698 }, 12699 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12700 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12701 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12702 "add": [ # Added capabilities +optional 12703 "A String", 12704 ], 12705 "drop": [ # Removed capabilities +optional 12706 "A String", 12707 ], 12708 }, 12709 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12710 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12711 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12712 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12713 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12714 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12715 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12716 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12717 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12718 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12719 }, 12720 }, 12721 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12722 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12723 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12724 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 12725 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 12726 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 12727 { # volumeDevice describes a mapping of a raw block device within a container. 12728 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 12729 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 12730 }, 12731 ], 12732 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 12733 { # VolumeMount describes a mounting of a Volume within a container. 12734 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 12735 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 12736 "name": "A String", # This must match the Name of a Volume. 12737 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 12738 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 12739 }, 12740 ], 12741 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 12742 }, 12743 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 12744 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 12745 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 12746 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12747 "A String", 12748 ], 12749 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12750 "A String", 12751 ], 12752 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 12753 { # EnvVar represents an environment variable present in a Container. 12754 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 12755 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 12756 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 12757 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 12758 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 12759 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12760 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12761 }, 12762 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 12763 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 12764 }, 12765 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 12766 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 12767 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12768 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12769 }, 12770 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 12771 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 12772 }, 12773 }, 12774 }, 12775 ], 12776 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 12777 { # EnvFromSource represents the source of a set of ConfigMaps 12778 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 12779 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12780 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12781 }, 12782 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 12783 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 12784 }, 12785 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 12786 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 12787 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12788 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12789 }, 12790 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 12791 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 12792 }, 12793 }, 12794 ], 12795 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 12796 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 12797 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 12798 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12799 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12800 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12801 "A String", 12802 ], 12803 }, 12804 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12805 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12806 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12807 { # HTTPHeader describes a custom header to be used in HTTP probes 12808 "name": "A String", # The header field name 12809 "value": "A String", # The header field value 12810 }, 12811 ], 12812 "path": "A String", # Path to access on the HTTP server. +optional 12813 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12814 "intVal": 42, # The int value. 12815 "strVal": "A String", # The string value. 12816 "type": 42, # The type of the value. 12817 }, 12818 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12819 }, 12820 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12821 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12822 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12823 "intVal": 42, # The int value. 12824 "strVal": "A String", # The string value. 12825 "type": 42, # The type of the value. 12826 }, 12827 }, 12828 }, 12829 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12830 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12831 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12832 "A String", 12833 ], 12834 }, 12835 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12836 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12837 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12838 { # HTTPHeader describes a custom header to be used in HTTP probes 12839 "name": "A String", # The header field name 12840 "value": "A String", # The header field value 12841 }, 12842 ], 12843 "path": "A String", # Path to access on the HTTP server. +optional 12844 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12845 "intVal": 42, # The int value. 12846 "strVal": "A String", # The string value. 12847 "type": 42, # The type of the value. 12848 }, 12849 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12850 }, 12851 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12852 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12853 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12854 "intVal": 42, # The int value. 12855 "strVal": "A String", # The string value. 12856 "type": 42, # The type of the value. 12857 }, 12858 }, 12859 }, 12860 }, 12861 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12862 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12863 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12864 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12865 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12866 "A String", 12867 ], 12868 }, 12869 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12870 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12871 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12872 { # HTTPHeader describes a custom header to be used in HTTP probes 12873 "name": "A String", # The header field name 12874 "value": "A String", # The header field value 12875 }, 12876 ], 12877 "path": "A String", # Path to access on the HTTP server. +optional 12878 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12879 "intVal": 42, # The int value. 12880 "strVal": "A String", # The string value. 12881 "type": 42, # The type of the value. 12882 }, 12883 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12884 }, 12885 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12886 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12887 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12888 "intVal": 42, # The int value. 12889 "strVal": "A String", # The string value. 12890 "type": 42, # The type of the value. 12891 }, 12892 }, 12893 }, 12894 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12895 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12896 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12897 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12898 }, 12899 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12900 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12901 { # ContainerPort represents a network port in a single container. 12902 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12903 "hostIP": "A String", # What host IP to bind the external port to. +optional 12904 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12905 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12906 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12907 }, 12908 ], 12909 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12910 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12911 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12912 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12913 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12914 "A String", 12915 ], 12916 }, 12917 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12918 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12919 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12920 { # HTTPHeader describes a custom header to be used in HTTP probes 12921 "name": "A String", # The header field name 12922 "value": "A String", # The header field value 12923 }, 12924 ], 12925 "path": "A String", # Path to access on the HTTP server. +optional 12926 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12927 "intVal": 42, # The int value. 12928 "strVal": "A String", # The string value. 12929 "type": 42, # The type of the value. 12930 }, 12931 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12932 }, 12933 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12934 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12935 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12936 "intVal": 42, # The int value. 12937 "strVal": "A String", # The string value. 12938 "type": 42, # The type of the value. 12939 }, 12940 }, 12941 }, 12942 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12943 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12944 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12945 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12946 }, 12947 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12948 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12949 "a_key": "A String", 12950 }, 12951 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12952 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12953 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12954 }, 12955 }, 12956 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12957 "a_key": "A String", 12958 }, 12959 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12960 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12961 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12962 }, 12963 }, 12964 }, 12965 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12966 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12967 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12968 "add": [ # Added capabilities +optional 12969 "A String", 12970 ], 12971 "drop": [ # Removed capabilities +optional 12972 "A String", 12973 ], 12974 }, 12975 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12976 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12977 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12978 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12979 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12980 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12981 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12982 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12983 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12984 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12985 }, 12986 }, 12987 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12988 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12989 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12990 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 12991 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 12992 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 12993 { # volumeDevice describes a mapping of a raw block device within a container. 12994 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 12995 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 12996 }, 12997 ], 12998 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 12999 { # VolumeMount describes a mounting of a Volume within a container. 13000 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 13001 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 13002 "name": "A String", # This must match the Name of a Volume. 13003 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 13004 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 13005 }, 13006 ], 13007 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 13008 }, 13009 ], 13010 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13011 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 13012 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 13013 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 13014 "volumes": [ 13015 { # Volume represents a named volume in a container. 13016 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 13017 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13018 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13019 { # Maps a string key to a path within a volume. 13020 "key": "A String", # The key to project. 13021 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13022 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13023 }, 13024 ], 13025 "name": "A String", # Name of the config. 13026 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13027 }, 13028 "name": "A String", # Volume's name. 13029 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 13030 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13031 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13032 { # Maps a string key to a path within a volume. 13033 "key": "A String", # The key to project. 13034 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13035 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13036 }, 13037 ], 13038 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13039 "secretName": "A String", # Name of the secret in the container's namespace to use. 13040 }, 13041 }, 13042 ], 13043 }, 13044 }, 13045 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 13046 { # TrafficTarget holds a single entry of the routing table for a Route. 13047 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 13048 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 13049 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 13050 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 13051 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 13052 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 13053 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 13054 }, 13055 ], 13056 }, 13057 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 13058 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 13059 "hostname": "A String", # Deprecated - use url instead. 13060 "url": "A String", 13061 }, 13062 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 13063 { # ServiceCondition defines a readiness condition for a Service. 13064 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 13065 "message": "A String", # Human-readable message indicating details about last transition. +optional 13066 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 13067 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 13068 "status": "A String", # Status of the condition, one of True, False, Unknown. 13069 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 13070 }, 13071 ], 13072 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 13073 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 13074 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 13075 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 13076 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 13077 { # TrafficTarget holds a single entry of the routing table for a Route. 13078 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 13079 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 13080 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 13081 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 13082 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 13083 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 13084 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 13085 }, 13086 ], 13087 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 13088 }, 13089}</pre> 13090</div> 13091 13092<div class="method"> 13093 <code class="details" id="list">list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)</code> 13094 <pre>Rpc to list services. 13095 13096Args: 13097 parent: string, The project ID or project number from which the services should be listed. (required) 13098 continue: string, Optional encoded string to continue paging. 13099 fieldSelector: string, Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run. 13100 includeUninitialized: boolean, Not currently used by Cloud Run. 13101 labelSelector: string, Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn. 13102 limit: integer, The maximum number of records that should be returned. 13103 resourceVersion: string, The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run. 13104 watch: boolean, Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run. 13105 x__xgafv: string, V1 error format. 13106 Allowed values 13107 1 - v1 error format 13108 2 - v2 error format 13109 13110Returns: 13111 An object of the form: 13112 13113 { # A list of Service resources. 13114 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 13115 "items": [ # List of Services. 13116 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 13117 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 13118 "kind": "A String", # The kind of resource, in this case "Service". 13119 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 13120 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 13121 "a_key": "A String", 13122 }, 13123 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 13124 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13125 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 13126 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13127 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 13128 "A String", 13129 ], 13130 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 13131 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 13132 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 13133 "a_key": "A String", 13134 }, 13135 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 13136 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 13137 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 13138 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 13139 "apiVersion": "A String", # API version of the referent. 13140 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 13141 "controller": True or False, # If true, this reference points to the managing controller. +optional 13142 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 13143 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 13144 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 13145 }, 13146 ], 13147 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 13148 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 13149 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 13150 }, 13151 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 13152 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13153 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 13154 }, 13155 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 13156 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 13157 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13158 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 13159 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 13160 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 13161 "a_key": "A String", 13162 }, 13163 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 13164 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13165 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 13166 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13167 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 13168 "A String", 13169 ], 13170 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 13171 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 13172 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 13173 "a_key": "A String", 13174 }, 13175 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 13176 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 13177 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 13178 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 13179 "apiVersion": "A String", # API version of the referent. 13180 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 13181 "controller": True or False, # If true, this reference points to the managing controller. +optional 13182 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 13183 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 13184 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 13185 }, 13186 ], 13187 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 13188 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 13189 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 13190 }, 13191 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 13192 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 13193 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 13194 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13195 "A String", 13196 ], 13197 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13198 "A String", 13199 ], 13200 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 13201 { # EnvVar represents an environment variable present in a Container. 13202 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 13203 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 13204 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 13205 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 13206 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 13207 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13208 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13209 }, 13210 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 13211 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 13212 }, 13213 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 13214 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 13215 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13216 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13217 }, 13218 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 13219 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 13220 }, 13221 }, 13222 }, 13223 ], 13224 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 13225 { # EnvFromSource represents the source of a set of ConfigMaps 13226 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 13227 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13228 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13229 }, 13230 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 13231 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 13232 }, 13233 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 13234 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 13235 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13236 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13237 }, 13238 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 13239 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 13240 }, 13241 }, 13242 ], 13243 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 13244 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 13245 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 13246 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13247 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13248 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13249 "A String", 13250 ], 13251 }, 13252 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13253 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13254 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13255 { # HTTPHeader describes a custom header to be used in HTTP probes 13256 "name": "A String", # The header field name 13257 "value": "A String", # The header field value 13258 }, 13259 ], 13260 "path": "A String", # Path to access on the HTTP server. +optional 13261 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13262 "intVal": 42, # The int value. 13263 "strVal": "A String", # The string value. 13264 "type": 42, # The type of the value. 13265 }, 13266 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13267 }, 13268 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13269 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13270 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13271 "intVal": 42, # The int value. 13272 "strVal": "A String", # The string value. 13273 "type": 42, # The type of the value. 13274 }, 13275 }, 13276 }, 13277 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13278 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13279 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13280 "A String", 13281 ], 13282 }, 13283 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13284 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13285 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13286 { # HTTPHeader describes a custom header to be used in HTTP probes 13287 "name": "A String", # The header field name 13288 "value": "A String", # The header field value 13289 }, 13290 ], 13291 "path": "A String", # Path to access on the HTTP server. +optional 13292 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13293 "intVal": 42, # The int value. 13294 "strVal": "A String", # The string value. 13295 "type": 42, # The type of the value. 13296 }, 13297 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13298 }, 13299 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13300 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13301 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13302 "intVal": 42, # The int value. 13303 "strVal": "A String", # The string value. 13304 "type": 42, # The type of the value. 13305 }, 13306 }, 13307 }, 13308 }, 13309 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13310 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13311 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13312 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13313 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13314 "A String", 13315 ], 13316 }, 13317 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13318 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13319 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13320 { # HTTPHeader describes a custom header to be used in HTTP probes 13321 "name": "A String", # The header field name 13322 "value": "A String", # The header field value 13323 }, 13324 ], 13325 "path": "A String", # Path to access on the HTTP server. +optional 13326 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13327 "intVal": 42, # The int value. 13328 "strVal": "A String", # The string value. 13329 "type": 42, # The type of the value. 13330 }, 13331 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13332 }, 13333 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13334 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13335 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13336 "intVal": 42, # The int value. 13337 "strVal": "A String", # The string value. 13338 "type": 42, # The type of the value. 13339 }, 13340 }, 13341 }, 13342 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13343 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13344 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13345 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13346 }, 13347 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 13348 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 13349 { # ContainerPort represents a network port in a single container. 13350 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 13351 "hostIP": "A String", # What host IP to bind the external port to. +optional 13352 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 13353 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 13354 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 13355 }, 13356 ], 13357 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13358 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13359 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13360 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13361 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13362 "A String", 13363 ], 13364 }, 13365 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13366 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13367 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13368 { # HTTPHeader describes a custom header to be used in HTTP probes 13369 "name": "A String", # The header field name 13370 "value": "A String", # The header field value 13371 }, 13372 ], 13373 "path": "A String", # Path to access on the HTTP server. +optional 13374 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13375 "intVal": 42, # The int value. 13376 "strVal": "A String", # The string value. 13377 "type": 42, # The type of the value. 13378 }, 13379 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13380 }, 13381 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13382 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13383 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13384 "intVal": 42, # The int value. 13385 "strVal": "A String", # The string value. 13386 "type": 42, # The type of the value. 13387 }, 13388 }, 13389 }, 13390 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13391 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13392 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13393 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13394 }, 13395 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 13396 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13397 "a_key": "A String", 13398 }, 13399 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 13400 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13401 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13402 }, 13403 }, 13404 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13405 "a_key": "A String", 13406 }, 13407 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 13408 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13409 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13410 }, 13411 }, 13412 }, 13413 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 13414 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 13415 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 13416 "add": [ # Added capabilities +optional 13417 "A String", 13418 ], 13419 "drop": [ # Removed capabilities +optional 13420 "A String", 13421 ], 13422 }, 13423 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 13424 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 13425 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13426 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13427 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13428 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13429 "level": "A String", # Level is SELinux level label that applies to the container. +optional 13430 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 13431 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 13432 "user": "A String", # User is a SELinux user label that applies to the container. +optional 13433 }, 13434 }, 13435 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 13436 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 13437 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 13438 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 13439 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 13440 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 13441 { # volumeDevice describes a mapping of a raw block device within a container. 13442 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 13443 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 13444 }, 13445 ], 13446 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 13447 { # VolumeMount describes a mounting of a Volume within a container. 13448 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 13449 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 13450 "name": "A String", # This must match the Name of a Volume. 13451 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 13452 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 13453 }, 13454 ], 13455 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 13456 }, 13457 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 13458 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 13459 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 13460 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13461 "A String", 13462 ], 13463 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13464 "A String", 13465 ], 13466 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 13467 { # EnvVar represents an environment variable present in a Container. 13468 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 13469 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 13470 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 13471 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 13472 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 13473 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13474 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13475 }, 13476 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 13477 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 13478 }, 13479 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 13480 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 13481 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13482 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13483 }, 13484 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 13485 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 13486 }, 13487 }, 13488 }, 13489 ], 13490 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 13491 { # EnvFromSource represents the source of a set of ConfigMaps 13492 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 13493 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13494 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13495 }, 13496 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 13497 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 13498 }, 13499 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 13500 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 13501 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13502 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13503 }, 13504 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 13505 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 13506 }, 13507 }, 13508 ], 13509 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 13510 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 13511 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 13512 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13513 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13514 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13515 "A String", 13516 ], 13517 }, 13518 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13519 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13520 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13521 { # HTTPHeader describes a custom header to be used in HTTP probes 13522 "name": "A String", # The header field name 13523 "value": "A String", # The header field value 13524 }, 13525 ], 13526 "path": "A String", # Path to access on the HTTP server. +optional 13527 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13528 "intVal": 42, # The int value. 13529 "strVal": "A String", # The string value. 13530 "type": 42, # The type of the value. 13531 }, 13532 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13533 }, 13534 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13535 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13536 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13537 "intVal": 42, # The int value. 13538 "strVal": "A String", # The string value. 13539 "type": 42, # The type of the value. 13540 }, 13541 }, 13542 }, 13543 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13544 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13545 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13546 "A String", 13547 ], 13548 }, 13549 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13550 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13551 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13552 { # HTTPHeader describes a custom header to be used in HTTP probes 13553 "name": "A String", # The header field name 13554 "value": "A String", # The header field value 13555 }, 13556 ], 13557 "path": "A String", # Path to access on the HTTP server. +optional 13558 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13559 "intVal": 42, # The int value. 13560 "strVal": "A String", # The string value. 13561 "type": 42, # The type of the value. 13562 }, 13563 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13564 }, 13565 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13566 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13567 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13568 "intVal": 42, # The int value. 13569 "strVal": "A String", # The string value. 13570 "type": 42, # The type of the value. 13571 }, 13572 }, 13573 }, 13574 }, 13575 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13576 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13577 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13578 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13579 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13580 "A String", 13581 ], 13582 }, 13583 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13584 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13585 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13586 { # HTTPHeader describes a custom header to be used in HTTP probes 13587 "name": "A String", # The header field name 13588 "value": "A String", # The header field value 13589 }, 13590 ], 13591 "path": "A String", # Path to access on the HTTP server. +optional 13592 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13593 "intVal": 42, # The int value. 13594 "strVal": "A String", # The string value. 13595 "type": 42, # The type of the value. 13596 }, 13597 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13598 }, 13599 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13600 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13601 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13602 "intVal": 42, # The int value. 13603 "strVal": "A String", # The string value. 13604 "type": 42, # The type of the value. 13605 }, 13606 }, 13607 }, 13608 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13609 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13610 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13611 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13612 }, 13613 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 13614 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 13615 { # ContainerPort represents a network port in a single container. 13616 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 13617 "hostIP": "A String", # What host IP to bind the external port to. +optional 13618 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 13619 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 13620 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 13621 }, 13622 ], 13623 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13624 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13625 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13626 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13627 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13628 "A String", 13629 ], 13630 }, 13631 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13632 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13633 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13634 { # HTTPHeader describes a custom header to be used in HTTP probes 13635 "name": "A String", # The header field name 13636 "value": "A String", # The header field value 13637 }, 13638 ], 13639 "path": "A String", # Path to access on the HTTP server. +optional 13640 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13641 "intVal": 42, # The int value. 13642 "strVal": "A String", # The string value. 13643 "type": 42, # The type of the value. 13644 }, 13645 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13646 }, 13647 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13648 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13649 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13650 "intVal": 42, # The int value. 13651 "strVal": "A String", # The string value. 13652 "type": 42, # The type of the value. 13653 }, 13654 }, 13655 }, 13656 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13657 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13658 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13659 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13660 }, 13661 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 13662 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13663 "a_key": "A String", 13664 }, 13665 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 13666 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13667 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13668 }, 13669 }, 13670 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13671 "a_key": "A String", 13672 }, 13673 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 13674 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13675 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13676 }, 13677 }, 13678 }, 13679 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 13680 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 13681 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 13682 "add": [ # Added capabilities +optional 13683 "A String", 13684 ], 13685 "drop": [ # Removed capabilities +optional 13686 "A String", 13687 ], 13688 }, 13689 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 13690 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 13691 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13692 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13693 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13694 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13695 "level": "A String", # Level is SELinux level label that applies to the container. +optional 13696 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 13697 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 13698 "user": "A String", # User is a SELinux user label that applies to the container. +optional 13699 }, 13700 }, 13701 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 13702 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 13703 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 13704 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 13705 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 13706 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 13707 { # volumeDevice describes a mapping of a raw block device within a container. 13708 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 13709 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 13710 }, 13711 ], 13712 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 13713 { # VolumeMount describes a mounting of a Volume within a container. 13714 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 13715 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 13716 "name": "A String", # This must match the Name of a Volume. 13717 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 13718 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 13719 }, 13720 ], 13721 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 13722 }, 13723 ], 13724 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13725 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 13726 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 13727 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 13728 "volumes": [ 13729 { # Volume represents a named volume in a container. 13730 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 13731 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13732 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13733 { # Maps a string key to a path within a volume. 13734 "key": "A String", # The key to project. 13735 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13736 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13737 }, 13738 ], 13739 "name": "A String", # Name of the config. 13740 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13741 }, 13742 "name": "A String", # Volume's name. 13743 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 13744 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13745 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13746 { # Maps a string key to a path within a volume. 13747 "key": "A String", # The key to project. 13748 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13749 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13750 }, 13751 ], 13752 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13753 "secretName": "A String", # Name of the secret in the container's namespace to use. 13754 }, 13755 }, 13756 ], 13757 }, 13758 }, 13759 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 13760 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 13761 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 13762 "a_key": "A String", 13763 }, 13764 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 13765 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13766 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 13767 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13768 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 13769 "A String", 13770 ], 13771 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 13772 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 13773 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 13774 "a_key": "A String", 13775 }, 13776 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 13777 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 13778 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 13779 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 13780 "apiVersion": "A String", # API version of the referent. 13781 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 13782 "controller": True or False, # If true, this reference points to the managing controller. +optional 13783 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 13784 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 13785 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 13786 }, 13787 ], 13788 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 13789 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 13790 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 13791 }, 13792 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 13793 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 13794 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 13795 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13796 "A String", 13797 ], 13798 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13799 "A String", 13800 ], 13801 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 13802 { # EnvVar represents an environment variable present in a Container. 13803 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 13804 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 13805 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 13806 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 13807 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 13808 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13809 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13810 }, 13811 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 13812 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 13813 }, 13814 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 13815 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 13816 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13817 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13818 }, 13819 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 13820 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 13821 }, 13822 }, 13823 }, 13824 ], 13825 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 13826 { # EnvFromSource represents the source of a set of ConfigMaps 13827 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 13828 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13829 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13830 }, 13831 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 13832 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 13833 }, 13834 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 13835 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 13836 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13837 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13838 }, 13839 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 13840 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 13841 }, 13842 }, 13843 ], 13844 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 13845 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 13846 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 13847 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13848 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13849 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13850 "A String", 13851 ], 13852 }, 13853 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13854 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13855 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13856 { # HTTPHeader describes a custom header to be used in HTTP probes 13857 "name": "A String", # The header field name 13858 "value": "A String", # The header field value 13859 }, 13860 ], 13861 "path": "A String", # Path to access on the HTTP server. +optional 13862 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13863 "intVal": 42, # The int value. 13864 "strVal": "A String", # The string value. 13865 "type": 42, # The type of the value. 13866 }, 13867 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13868 }, 13869 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13870 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13871 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13872 "intVal": 42, # The int value. 13873 "strVal": "A String", # The string value. 13874 "type": 42, # The type of the value. 13875 }, 13876 }, 13877 }, 13878 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13879 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13880 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13881 "A String", 13882 ], 13883 }, 13884 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13885 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13886 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13887 { # HTTPHeader describes a custom header to be used in HTTP probes 13888 "name": "A String", # The header field name 13889 "value": "A String", # The header field value 13890 }, 13891 ], 13892 "path": "A String", # Path to access on the HTTP server. +optional 13893 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13894 "intVal": 42, # The int value. 13895 "strVal": "A String", # The string value. 13896 "type": 42, # The type of the value. 13897 }, 13898 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13899 }, 13900 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13901 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13902 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13903 "intVal": 42, # The int value. 13904 "strVal": "A String", # The string value. 13905 "type": 42, # The type of the value. 13906 }, 13907 }, 13908 }, 13909 }, 13910 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13911 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13912 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13913 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13914 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13915 "A String", 13916 ], 13917 }, 13918 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13919 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13920 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13921 { # HTTPHeader describes a custom header to be used in HTTP probes 13922 "name": "A String", # The header field name 13923 "value": "A String", # The header field value 13924 }, 13925 ], 13926 "path": "A String", # Path to access on the HTTP server. +optional 13927 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13928 "intVal": 42, # The int value. 13929 "strVal": "A String", # The string value. 13930 "type": 42, # The type of the value. 13931 }, 13932 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13933 }, 13934 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13935 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13936 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13937 "intVal": 42, # The int value. 13938 "strVal": "A String", # The string value. 13939 "type": 42, # The type of the value. 13940 }, 13941 }, 13942 }, 13943 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13944 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13945 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13946 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13947 }, 13948 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 13949 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 13950 { # ContainerPort represents a network port in a single container. 13951 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 13952 "hostIP": "A String", # What host IP to bind the external port to. +optional 13953 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 13954 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 13955 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 13956 }, 13957 ], 13958 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13959 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13960 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13961 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13962 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13963 "A String", 13964 ], 13965 }, 13966 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13967 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13968 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13969 { # HTTPHeader describes a custom header to be used in HTTP probes 13970 "name": "A String", # The header field name 13971 "value": "A String", # The header field value 13972 }, 13973 ], 13974 "path": "A String", # Path to access on the HTTP server. +optional 13975 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13976 "intVal": 42, # The int value. 13977 "strVal": "A String", # The string value. 13978 "type": 42, # The type of the value. 13979 }, 13980 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13981 }, 13982 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13983 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13984 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13985 "intVal": 42, # The int value. 13986 "strVal": "A String", # The string value. 13987 "type": 42, # The type of the value. 13988 }, 13989 }, 13990 }, 13991 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13992 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13993 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13994 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13995 }, 13996 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 13997 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13998 "a_key": "A String", 13999 }, 14000 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14001 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14002 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14003 }, 14004 }, 14005 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14006 "a_key": "A String", 14007 }, 14008 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14009 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14010 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14011 }, 14012 }, 14013 }, 14014 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14015 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14016 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14017 "add": [ # Added capabilities +optional 14018 "A String", 14019 ], 14020 "drop": [ # Removed capabilities +optional 14021 "A String", 14022 ], 14023 }, 14024 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14025 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14026 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14027 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14028 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14029 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14030 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14031 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14032 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14033 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14034 }, 14035 }, 14036 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14037 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14038 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14039 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14040 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14041 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14042 { # volumeDevice describes a mapping of a raw block device within a container. 14043 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14044 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14045 }, 14046 ], 14047 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14048 { # VolumeMount describes a mounting of a Volume within a container. 14049 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14050 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14051 "name": "A String", # This must match the Name of a Volume. 14052 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14053 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14054 }, 14055 ], 14056 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14057 }, 14058 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 14059 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 14060 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 14061 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14062 "A String", 14063 ], 14064 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14065 "A String", 14066 ], 14067 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 14068 { # EnvVar represents an environment variable present in a Container. 14069 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 14070 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 14071 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 14072 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 14073 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 14074 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14075 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14076 }, 14077 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 14078 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 14079 }, 14080 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 14081 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 14082 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14083 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14084 }, 14085 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 14086 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 14087 }, 14088 }, 14089 }, 14090 ], 14091 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 14092 { # EnvFromSource represents the source of a set of ConfigMaps 14093 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 14094 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14095 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14096 }, 14097 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 14098 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 14099 }, 14100 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 14101 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 14102 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14103 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14104 }, 14105 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 14106 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 14107 }, 14108 }, 14109 ], 14110 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 14111 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 14112 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 14113 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14114 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14115 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14116 "A String", 14117 ], 14118 }, 14119 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14120 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14121 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14122 { # HTTPHeader describes a custom header to be used in HTTP probes 14123 "name": "A String", # The header field name 14124 "value": "A String", # The header field value 14125 }, 14126 ], 14127 "path": "A String", # Path to access on the HTTP server. +optional 14128 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14129 "intVal": 42, # The int value. 14130 "strVal": "A String", # The string value. 14131 "type": 42, # The type of the value. 14132 }, 14133 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14134 }, 14135 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14136 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14137 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14138 "intVal": 42, # The int value. 14139 "strVal": "A String", # The string value. 14140 "type": 42, # The type of the value. 14141 }, 14142 }, 14143 }, 14144 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14145 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14146 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14147 "A String", 14148 ], 14149 }, 14150 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14151 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14152 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14153 { # HTTPHeader describes a custom header to be used in HTTP probes 14154 "name": "A String", # The header field name 14155 "value": "A String", # The header field value 14156 }, 14157 ], 14158 "path": "A String", # Path to access on the HTTP server. +optional 14159 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14160 "intVal": 42, # The int value. 14161 "strVal": "A String", # The string value. 14162 "type": 42, # The type of the value. 14163 }, 14164 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14165 }, 14166 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14167 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14168 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14169 "intVal": 42, # The int value. 14170 "strVal": "A String", # The string value. 14171 "type": 42, # The type of the value. 14172 }, 14173 }, 14174 }, 14175 }, 14176 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14177 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14178 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14179 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14180 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14181 "A String", 14182 ], 14183 }, 14184 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14185 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14186 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14187 { # HTTPHeader describes a custom header to be used in HTTP probes 14188 "name": "A String", # The header field name 14189 "value": "A String", # The header field value 14190 }, 14191 ], 14192 "path": "A String", # Path to access on the HTTP server. +optional 14193 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14194 "intVal": 42, # The int value. 14195 "strVal": "A String", # The string value. 14196 "type": 42, # The type of the value. 14197 }, 14198 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14199 }, 14200 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14201 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14202 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14203 "intVal": 42, # The int value. 14204 "strVal": "A String", # The string value. 14205 "type": 42, # The type of the value. 14206 }, 14207 }, 14208 }, 14209 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14210 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14211 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14212 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14213 }, 14214 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 14215 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 14216 { # ContainerPort represents a network port in a single container. 14217 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 14218 "hostIP": "A String", # What host IP to bind the external port to. +optional 14219 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 14220 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 14221 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 14222 }, 14223 ], 14224 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14225 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14226 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14227 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14228 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14229 "A String", 14230 ], 14231 }, 14232 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14233 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14234 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14235 { # HTTPHeader describes a custom header to be used in HTTP probes 14236 "name": "A String", # The header field name 14237 "value": "A String", # The header field value 14238 }, 14239 ], 14240 "path": "A String", # Path to access on the HTTP server. +optional 14241 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14242 "intVal": 42, # The int value. 14243 "strVal": "A String", # The string value. 14244 "type": 42, # The type of the value. 14245 }, 14246 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14247 }, 14248 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14249 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14250 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14251 "intVal": 42, # The int value. 14252 "strVal": "A String", # The string value. 14253 "type": 42, # The type of the value. 14254 }, 14255 }, 14256 }, 14257 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14258 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14259 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14260 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14261 }, 14262 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 14263 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14264 "a_key": "A String", 14265 }, 14266 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14267 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14268 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14269 }, 14270 }, 14271 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14272 "a_key": "A String", 14273 }, 14274 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14275 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14276 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14277 }, 14278 }, 14279 }, 14280 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14281 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14282 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14283 "add": [ # Added capabilities +optional 14284 "A String", 14285 ], 14286 "drop": [ # Removed capabilities +optional 14287 "A String", 14288 ], 14289 }, 14290 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14291 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14292 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14293 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14294 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14295 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14296 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14297 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14298 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14299 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14300 }, 14301 }, 14302 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14303 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14304 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14305 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14306 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14307 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14308 { # volumeDevice describes a mapping of a raw block device within a container. 14309 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14310 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14311 }, 14312 ], 14313 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14314 { # VolumeMount describes a mounting of a Volume within a container. 14315 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14316 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14317 "name": "A String", # This must match the Name of a Volume. 14318 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14319 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14320 }, 14321 ], 14322 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14323 }, 14324 ], 14325 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 14326 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 14327 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 14328 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 14329 "volumes": [ 14330 { # Volume represents a named volume in a container. 14331 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 14332 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 14333 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 14334 { # Maps a string key to a path within a volume. 14335 "key": "A String", # The key to project. 14336 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 14337 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 14338 }, 14339 ], 14340 "name": "A String", # Name of the config. 14341 "optional": True or False, # Specify whether the Secret or its keys must be defined. 14342 }, 14343 "name": "A String", # Volume's name. 14344 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 14345 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 14346 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 14347 { # Maps a string key to a path within a volume. 14348 "key": "A String", # The key to project. 14349 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 14350 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 14351 }, 14352 ], 14353 "optional": True or False, # Specify whether the Secret or its keys must be defined. 14354 "secretName": "A String", # Name of the secret in the container's namespace to use. 14355 }, 14356 }, 14357 ], 14358 }, 14359 }, 14360 }, 14361 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 14362 }, 14363 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 14364 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 14365 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 14366 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 14367 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 14368 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 14369 "a_key": "A String", 14370 }, 14371 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 14372 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 14373 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 14374 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 14375 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 14376 "A String", 14377 ], 14378 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 14379 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 14380 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 14381 "a_key": "A String", 14382 }, 14383 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 14384 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 14385 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 14386 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 14387 "apiVersion": "A String", # API version of the referent. 14388 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 14389 "controller": True or False, # If true, this reference points to the managing controller. +optional 14390 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 14391 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 14392 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 14393 }, 14394 ], 14395 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 14396 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 14397 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 14398 }, 14399 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 14400 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 14401 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 14402 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14403 "A String", 14404 ], 14405 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14406 "A String", 14407 ], 14408 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 14409 { # EnvVar represents an environment variable present in a Container. 14410 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 14411 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 14412 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 14413 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 14414 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 14415 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14416 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14417 }, 14418 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 14419 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 14420 }, 14421 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 14422 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 14423 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14424 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14425 }, 14426 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 14427 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 14428 }, 14429 }, 14430 }, 14431 ], 14432 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 14433 { # EnvFromSource represents the source of a set of ConfigMaps 14434 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 14435 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14436 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14437 }, 14438 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 14439 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 14440 }, 14441 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 14442 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 14443 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14444 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14445 }, 14446 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 14447 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 14448 }, 14449 }, 14450 ], 14451 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 14452 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 14453 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 14454 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14455 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14456 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14457 "A String", 14458 ], 14459 }, 14460 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14461 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14462 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14463 { # HTTPHeader describes a custom header to be used in HTTP probes 14464 "name": "A String", # The header field name 14465 "value": "A String", # The header field value 14466 }, 14467 ], 14468 "path": "A String", # Path to access on the HTTP server. +optional 14469 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14470 "intVal": 42, # The int value. 14471 "strVal": "A String", # The string value. 14472 "type": 42, # The type of the value. 14473 }, 14474 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14475 }, 14476 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14477 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14478 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14479 "intVal": 42, # The int value. 14480 "strVal": "A String", # The string value. 14481 "type": 42, # The type of the value. 14482 }, 14483 }, 14484 }, 14485 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14486 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14487 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14488 "A String", 14489 ], 14490 }, 14491 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14492 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14493 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14494 { # HTTPHeader describes a custom header to be used in HTTP probes 14495 "name": "A String", # The header field name 14496 "value": "A String", # The header field value 14497 }, 14498 ], 14499 "path": "A String", # Path to access on the HTTP server. +optional 14500 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14501 "intVal": 42, # The int value. 14502 "strVal": "A String", # The string value. 14503 "type": 42, # The type of the value. 14504 }, 14505 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14506 }, 14507 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14508 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14509 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14510 "intVal": 42, # The int value. 14511 "strVal": "A String", # The string value. 14512 "type": 42, # The type of the value. 14513 }, 14514 }, 14515 }, 14516 }, 14517 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14518 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14519 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14520 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14521 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14522 "A String", 14523 ], 14524 }, 14525 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14526 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14527 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14528 { # HTTPHeader describes a custom header to be used in HTTP probes 14529 "name": "A String", # The header field name 14530 "value": "A String", # The header field value 14531 }, 14532 ], 14533 "path": "A String", # Path to access on the HTTP server. +optional 14534 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14535 "intVal": 42, # The int value. 14536 "strVal": "A String", # The string value. 14537 "type": 42, # The type of the value. 14538 }, 14539 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14540 }, 14541 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14542 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14543 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14544 "intVal": 42, # The int value. 14545 "strVal": "A String", # The string value. 14546 "type": 42, # The type of the value. 14547 }, 14548 }, 14549 }, 14550 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14551 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14552 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14553 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14554 }, 14555 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 14556 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 14557 { # ContainerPort represents a network port in a single container. 14558 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 14559 "hostIP": "A String", # What host IP to bind the external port to. +optional 14560 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 14561 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 14562 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 14563 }, 14564 ], 14565 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14566 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14567 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14568 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14569 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14570 "A String", 14571 ], 14572 }, 14573 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14574 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14575 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14576 { # HTTPHeader describes a custom header to be used in HTTP probes 14577 "name": "A String", # The header field name 14578 "value": "A String", # The header field value 14579 }, 14580 ], 14581 "path": "A String", # Path to access on the HTTP server. +optional 14582 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14583 "intVal": 42, # The int value. 14584 "strVal": "A String", # The string value. 14585 "type": 42, # The type of the value. 14586 }, 14587 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14588 }, 14589 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14590 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14591 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14592 "intVal": 42, # The int value. 14593 "strVal": "A String", # The string value. 14594 "type": 42, # The type of the value. 14595 }, 14596 }, 14597 }, 14598 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14599 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14600 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14601 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14602 }, 14603 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 14604 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14605 "a_key": "A String", 14606 }, 14607 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14608 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14609 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14610 }, 14611 }, 14612 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14613 "a_key": "A String", 14614 }, 14615 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14616 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14617 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14618 }, 14619 }, 14620 }, 14621 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14622 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14623 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14624 "add": [ # Added capabilities +optional 14625 "A String", 14626 ], 14627 "drop": [ # Removed capabilities +optional 14628 "A String", 14629 ], 14630 }, 14631 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14632 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14633 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14634 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14635 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14636 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14637 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14638 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14639 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14640 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14641 }, 14642 }, 14643 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14644 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14645 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14646 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14647 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14648 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14649 { # volumeDevice describes a mapping of a raw block device within a container. 14650 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14651 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14652 }, 14653 ], 14654 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14655 { # VolumeMount describes a mounting of a Volume within a container. 14656 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14657 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14658 "name": "A String", # This must match the Name of a Volume. 14659 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14660 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14661 }, 14662 ], 14663 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14664 }, 14665 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 14666 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 14667 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 14668 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14669 "A String", 14670 ], 14671 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14672 "A String", 14673 ], 14674 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 14675 { # EnvVar represents an environment variable present in a Container. 14676 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 14677 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 14678 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 14679 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 14680 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 14681 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14682 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14683 }, 14684 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 14685 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 14686 }, 14687 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 14688 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 14689 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14690 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14691 }, 14692 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 14693 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 14694 }, 14695 }, 14696 }, 14697 ], 14698 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 14699 { # EnvFromSource represents the source of a set of ConfigMaps 14700 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 14701 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14702 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14703 }, 14704 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 14705 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 14706 }, 14707 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 14708 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 14709 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14710 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14711 }, 14712 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 14713 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 14714 }, 14715 }, 14716 ], 14717 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 14718 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 14719 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 14720 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14721 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14722 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14723 "A String", 14724 ], 14725 }, 14726 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14727 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14728 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14729 { # HTTPHeader describes a custom header to be used in HTTP probes 14730 "name": "A String", # The header field name 14731 "value": "A String", # The header field value 14732 }, 14733 ], 14734 "path": "A String", # Path to access on the HTTP server. +optional 14735 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14736 "intVal": 42, # The int value. 14737 "strVal": "A String", # The string value. 14738 "type": 42, # The type of the value. 14739 }, 14740 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14741 }, 14742 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14743 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14744 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14745 "intVal": 42, # The int value. 14746 "strVal": "A String", # The string value. 14747 "type": 42, # The type of the value. 14748 }, 14749 }, 14750 }, 14751 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14752 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14753 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14754 "A String", 14755 ], 14756 }, 14757 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14758 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14759 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14760 { # HTTPHeader describes a custom header to be used in HTTP probes 14761 "name": "A String", # The header field name 14762 "value": "A String", # The header field value 14763 }, 14764 ], 14765 "path": "A String", # Path to access on the HTTP server. +optional 14766 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14767 "intVal": 42, # The int value. 14768 "strVal": "A String", # The string value. 14769 "type": 42, # The type of the value. 14770 }, 14771 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14772 }, 14773 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14774 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14775 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14776 "intVal": 42, # The int value. 14777 "strVal": "A String", # The string value. 14778 "type": 42, # The type of the value. 14779 }, 14780 }, 14781 }, 14782 }, 14783 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14784 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14785 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14786 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14787 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14788 "A String", 14789 ], 14790 }, 14791 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14792 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14793 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14794 { # HTTPHeader describes a custom header to be used in HTTP probes 14795 "name": "A String", # The header field name 14796 "value": "A String", # The header field value 14797 }, 14798 ], 14799 "path": "A String", # Path to access on the HTTP server. +optional 14800 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14801 "intVal": 42, # The int value. 14802 "strVal": "A String", # The string value. 14803 "type": 42, # The type of the value. 14804 }, 14805 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14806 }, 14807 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14808 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14809 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14810 "intVal": 42, # The int value. 14811 "strVal": "A String", # The string value. 14812 "type": 42, # The type of the value. 14813 }, 14814 }, 14815 }, 14816 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14817 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14818 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14819 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14820 }, 14821 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 14822 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 14823 { # ContainerPort represents a network port in a single container. 14824 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 14825 "hostIP": "A String", # What host IP to bind the external port to. +optional 14826 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 14827 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 14828 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 14829 }, 14830 ], 14831 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14832 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14833 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14834 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14835 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14836 "A String", 14837 ], 14838 }, 14839 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14840 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14841 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14842 { # HTTPHeader describes a custom header to be used in HTTP probes 14843 "name": "A String", # The header field name 14844 "value": "A String", # The header field value 14845 }, 14846 ], 14847 "path": "A String", # Path to access on the HTTP server. +optional 14848 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14849 "intVal": 42, # The int value. 14850 "strVal": "A String", # The string value. 14851 "type": 42, # The type of the value. 14852 }, 14853 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14854 }, 14855 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14856 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14857 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14858 "intVal": 42, # The int value. 14859 "strVal": "A String", # The string value. 14860 "type": 42, # The type of the value. 14861 }, 14862 }, 14863 }, 14864 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14865 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14866 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14867 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14868 }, 14869 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 14870 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14871 "a_key": "A String", 14872 }, 14873 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14874 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14875 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14876 }, 14877 }, 14878 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14879 "a_key": "A String", 14880 }, 14881 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14882 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14883 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14884 }, 14885 }, 14886 }, 14887 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14888 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14889 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14890 "add": [ # Added capabilities +optional 14891 "A String", 14892 ], 14893 "drop": [ # Removed capabilities +optional 14894 "A String", 14895 ], 14896 }, 14897 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14898 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14899 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14900 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14901 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14902 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14903 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14904 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14905 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14906 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14907 }, 14908 }, 14909 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14910 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14911 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14912 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14913 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14914 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14915 { # volumeDevice describes a mapping of a raw block device within a container. 14916 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14917 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14918 }, 14919 ], 14920 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14921 { # VolumeMount describes a mounting of a Volume within a container. 14922 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14923 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14924 "name": "A String", # This must match the Name of a Volume. 14925 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14926 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14927 }, 14928 ], 14929 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14930 }, 14931 ], 14932 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 14933 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 14934 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 14935 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 14936 "volumes": [ 14937 { # Volume represents a named volume in a container. 14938 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 14939 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 14940 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 14941 { # Maps a string key to a path within a volume. 14942 "key": "A String", # The key to project. 14943 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 14944 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 14945 }, 14946 ], 14947 "name": "A String", # Name of the config. 14948 "optional": True or False, # Specify whether the Secret or its keys must be defined. 14949 }, 14950 "name": "A String", # Volume's name. 14951 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 14952 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 14953 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 14954 { # Maps a string key to a path within a volume. 14955 "key": "A String", # The key to project. 14956 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 14957 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 14958 }, 14959 ], 14960 "optional": True or False, # Specify whether the Secret or its keys must be defined. 14961 "secretName": "A String", # Name of the secret in the container's namespace to use. 14962 }, 14963 }, 14964 ], 14965 }, 14966 }, 14967 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 14968 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 14969 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 14970 "a_key": "A String", 14971 }, 14972 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 14973 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 14974 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 14975 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 14976 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 14977 "A String", 14978 ], 14979 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 14980 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 14981 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 14982 "a_key": "A String", 14983 }, 14984 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 14985 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 14986 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 14987 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 14988 "apiVersion": "A String", # API version of the referent. 14989 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 14990 "controller": True or False, # If true, this reference points to the managing controller. +optional 14991 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 14992 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 14993 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 14994 }, 14995 ], 14996 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 14997 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 14998 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 14999 }, 15000 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 15001 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 15002 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 15003 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15004 "A String", 15005 ], 15006 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15007 "A String", 15008 ], 15009 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15010 { # EnvVar represents an environment variable present in a Container. 15011 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15012 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15013 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15014 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15015 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15016 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15017 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15018 }, 15019 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15020 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15021 }, 15022 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15023 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15024 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15025 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15026 }, 15027 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15028 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15029 }, 15030 }, 15031 }, 15032 ], 15033 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15034 { # EnvFromSource represents the source of a set of ConfigMaps 15035 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15036 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15037 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15038 }, 15039 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15040 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15041 }, 15042 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15043 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15044 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15045 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15046 }, 15047 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15048 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15049 }, 15050 }, 15051 ], 15052 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15053 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15054 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15055 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15056 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15057 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15058 "A String", 15059 ], 15060 }, 15061 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15062 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15063 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15064 { # HTTPHeader describes a custom header to be used in HTTP probes 15065 "name": "A String", # The header field name 15066 "value": "A String", # The header field value 15067 }, 15068 ], 15069 "path": "A String", # Path to access on the HTTP server. +optional 15070 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15071 "intVal": 42, # The int value. 15072 "strVal": "A String", # The string value. 15073 "type": 42, # The type of the value. 15074 }, 15075 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15076 }, 15077 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15078 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15079 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15080 "intVal": 42, # The int value. 15081 "strVal": "A String", # The string value. 15082 "type": 42, # The type of the value. 15083 }, 15084 }, 15085 }, 15086 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15087 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15088 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15089 "A String", 15090 ], 15091 }, 15092 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15093 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15094 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15095 { # HTTPHeader describes a custom header to be used in HTTP probes 15096 "name": "A String", # The header field name 15097 "value": "A String", # The header field value 15098 }, 15099 ], 15100 "path": "A String", # Path to access on the HTTP server. +optional 15101 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15102 "intVal": 42, # The int value. 15103 "strVal": "A String", # The string value. 15104 "type": 42, # The type of the value. 15105 }, 15106 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15107 }, 15108 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15109 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15110 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15111 "intVal": 42, # The int value. 15112 "strVal": "A String", # The string value. 15113 "type": 42, # The type of the value. 15114 }, 15115 }, 15116 }, 15117 }, 15118 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15119 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15120 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15121 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15122 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15123 "A String", 15124 ], 15125 }, 15126 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15127 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15128 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15129 { # HTTPHeader describes a custom header to be used in HTTP probes 15130 "name": "A String", # The header field name 15131 "value": "A String", # The header field value 15132 }, 15133 ], 15134 "path": "A String", # Path to access on the HTTP server. +optional 15135 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15136 "intVal": 42, # The int value. 15137 "strVal": "A String", # The string value. 15138 "type": 42, # The type of the value. 15139 }, 15140 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15141 }, 15142 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15143 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15144 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15145 "intVal": 42, # The int value. 15146 "strVal": "A String", # The string value. 15147 "type": 42, # The type of the value. 15148 }, 15149 }, 15150 }, 15151 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15152 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15153 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15154 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15155 }, 15156 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 15157 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 15158 { # ContainerPort represents a network port in a single container. 15159 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 15160 "hostIP": "A String", # What host IP to bind the external port to. +optional 15161 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 15162 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 15163 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 15164 }, 15165 ], 15166 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15167 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15168 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15169 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15170 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15171 "A String", 15172 ], 15173 }, 15174 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15175 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15176 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15177 { # HTTPHeader describes a custom header to be used in HTTP probes 15178 "name": "A String", # The header field name 15179 "value": "A String", # The header field value 15180 }, 15181 ], 15182 "path": "A String", # Path to access on the HTTP server. +optional 15183 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15184 "intVal": 42, # The int value. 15185 "strVal": "A String", # The string value. 15186 "type": 42, # The type of the value. 15187 }, 15188 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15189 }, 15190 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15191 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15192 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15193 "intVal": 42, # The int value. 15194 "strVal": "A String", # The string value. 15195 "type": 42, # The type of the value. 15196 }, 15197 }, 15198 }, 15199 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15200 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15201 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15202 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15203 }, 15204 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 15205 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15206 "a_key": "A String", 15207 }, 15208 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 15209 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15210 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15211 }, 15212 }, 15213 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15214 "a_key": "A String", 15215 }, 15216 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 15217 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15218 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15219 }, 15220 }, 15221 }, 15222 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 15223 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 15224 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 15225 "add": [ # Added capabilities +optional 15226 "A String", 15227 ], 15228 "drop": [ # Removed capabilities +optional 15229 "A String", 15230 ], 15231 }, 15232 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 15233 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 15234 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15235 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15236 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15237 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15238 "level": "A String", # Level is SELinux level label that applies to the container. +optional 15239 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 15240 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 15241 "user": "A String", # User is a SELinux user label that applies to the container. +optional 15242 }, 15243 }, 15244 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 15245 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 15246 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 15247 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 15248 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 15249 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 15250 { # volumeDevice describes a mapping of a raw block device within a container. 15251 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 15252 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 15253 }, 15254 ], 15255 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 15256 { # VolumeMount describes a mounting of a Volume within a container. 15257 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 15258 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 15259 "name": "A String", # This must match the Name of a Volume. 15260 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 15261 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 15262 }, 15263 ], 15264 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 15265 }, 15266 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 15267 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 15268 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 15269 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15270 "A String", 15271 ], 15272 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15273 "A String", 15274 ], 15275 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15276 { # EnvVar represents an environment variable present in a Container. 15277 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15278 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15279 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15280 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15281 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15282 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15283 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15284 }, 15285 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15286 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15287 }, 15288 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15289 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15290 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15291 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15292 }, 15293 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15294 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15295 }, 15296 }, 15297 }, 15298 ], 15299 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15300 { # EnvFromSource represents the source of a set of ConfigMaps 15301 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15302 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15303 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15304 }, 15305 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15306 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15307 }, 15308 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15309 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15310 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15311 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15312 }, 15313 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15314 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15315 }, 15316 }, 15317 ], 15318 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15319 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15320 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15321 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15322 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15323 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15324 "A String", 15325 ], 15326 }, 15327 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15328 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15329 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15330 { # HTTPHeader describes a custom header to be used in HTTP probes 15331 "name": "A String", # The header field name 15332 "value": "A String", # The header field value 15333 }, 15334 ], 15335 "path": "A String", # Path to access on the HTTP server. +optional 15336 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15337 "intVal": 42, # The int value. 15338 "strVal": "A String", # The string value. 15339 "type": 42, # The type of the value. 15340 }, 15341 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15342 }, 15343 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15344 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15345 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15346 "intVal": 42, # The int value. 15347 "strVal": "A String", # The string value. 15348 "type": 42, # The type of the value. 15349 }, 15350 }, 15351 }, 15352 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15353 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15354 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15355 "A String", 15356 ], 15357 }, 15358 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15359 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15360 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15361 { # HTTPHeader describes a custom header to be used in HTTP probes 15362 "name": "A String", # The header field name 15363 "value": "A String", # The header field value 15364 }, 15365 ], 15366 "path": "A String", # Path to access on the HTTP server. +optional 15367 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15368 "intVal": 42, # The int value. 15369 "strVal": "A String", # The string value. 15370 "type": 42, # The type of the value. 15371 }, 15372 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15373 }, 15374 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15375 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15376 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15377 "intVal": 42, # The int value. 15378 "strVal": "A String", # The string value. 15379 "type": 42, # The type of the value. 15380 }, 15381 }, 15382 }, 15383 }, 15384 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15385 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15386 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15387 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15388 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15389 "A String", 15390 ], 15391 }, 15392 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15393 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15394 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15395 { # HTTPHeader describes a custom header to be used in HTTP probes 15396 "name": "A String", # The header field name 15397 "value": "A String", # The header field value 15398 }, 15399 ], 15400 "path": "A String", # Path to access on the HTTP server. +optional 15401 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15402 "intVal": 42, # The int value. 15403 "strVal": "A String", # The string value. 15404 "type": 42, # The type of the value. 15405 }, 15406 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15407 }, 15408 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15409 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15410 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15411 "intVal": 42, # The int value. 15412 "strVal": "A String", # The string value. 15413 "type": 42, # The type of the value. 15414 }, 15415 }, 15416 }, 15417 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15418 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15419 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15420 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15421 }, 15422 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 15423 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 15424 { # ContainerPort represents a network port in a single container. 15425 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 15426 "hostIP": "A String", # What host IP to bind the external port to. +optional 15427 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 15428 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 15429 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 15430 }, 15431 ], 15432 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15433 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15434 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15435 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15436 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15437 "A String", 15438 ], 15439 }, 15440 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15441 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15442 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15443 { # HTTPHeader describes a custom header to be used in HTTP probes 15444 "name": "A String", # The header field name 15445 "value": "A String", # The header field value 15446 }, 15447 ], 15448 "path": "A String", # Path to access on the HTTP server. +optional 15449 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15450 "intVal": 42, # The int value. 15451 "strVal": "A String", # The string value. 15452 "type": 42, # The type of the value. 15453 }, 15454 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15455 }, 15456 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15457 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15458 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15459 "intVal": 42, # The int value. 15460 "strVal": "A String", # The string value. 15461 "type": 42, # The type of the value. 15462 }, 15463 }, 15464 }, 15465 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15466 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15467 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15468 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15469 }, 15470 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 15471 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15472 "a_key": "A String", 15473 }, 15474 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 15475 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15476 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15477 }, 15478 }, 15479 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15480 "a_key": "A String", 15481 }, 15482 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 15483 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15484 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15485 }, 15486 }, 15487 }, 15488 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 15489 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 15490 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 15491 "add": [ # Added capabilities +optional 15492 "A String", 15493 ], 15494 "drop": [ # Removed capabilities +optional 15495 "A String", 15496 ], 15497 }, 15498 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 15499 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 15500 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15501 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15502 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15503 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15504 "level": "A String", # Level is SELinux level label that applies to the container. +optional 15505 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 15506 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 15507 "user": "A String", # User is a SELinux user label that applies to the container. +optional 15508 }, 15509 }, 15510 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 15511 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 15512 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 15513 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 15514 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 15515 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 15516 { # volumeDevice describes a mapping of a raw block device within a container. 15517 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 15518 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 15519 }, 15520 ], 15521 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 15522 { # VolumeMount describes a mounting of a Volume within a container. 15523 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 15524 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 15525 "name": "A String", # This must match the Name of a Volume. 15526 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 15527 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 15528 }, 15529 ], 15530 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 15531 }, 15532 ], 15533 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 15534 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 15535 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 15536 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 15537 "volumes": [ 15538 { # Volume represents a named volume in a container. 15539 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 15540 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 15541 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 15542 { # Maps a string key to a path within a volume. 15543 "key": "A String", # The key to project. 15544 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 15545 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 15546 }, 15547 ], 15548 "name": "A String", # Name of the config. 15549 "optional": True or False, # Specify whether the Secret or its keys must be defined. 15550 }, 15551 "name": "A String", # Volume's name. 15552 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 15553 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 15554 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 15555 { # Maps a string key to a path within a volume. 15556 "key": "A String", # The key to project. 15557 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 15558 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 15559 }, 15560 ], 15561 "optional": True or False, # Specify whether the Secret or its keys must be defined. 15562 "secretName": "A String", # Name of the secret in the container's namespace to use. 15563 }, 15564 }, 15565 ], 15566 }, 15567 }, 15568 }, 15569 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 15570 "A String", 15571 ], 15572 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 15573 }, 15574 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 15575 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 15576 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 15577 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 15578 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 15579 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 15580 "a_key": "A String", 15581 }, 15582 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 15583 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 15584 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 15585 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 15586 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 15587 "A String", 15588 ], 15589 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 15590 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 15591 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 15592 "a_key": "A String", 15593 }, 15594 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 15595 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 15596 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 15597 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 15598 "apiVersion": "A String", # API version of the referent. 15599 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 15600 "controller": True or False, # If true, this reference points to the managing controller. +optional 15601 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 15602 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 15603 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 15604 }, 15605 ], 15606 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 15607 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 15608 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 15609 }, 15610 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 15611 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 15612 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 15613 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15614 "A String", 15615 ], 15616 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15617 "A String", 15618 ], 15619 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15620 { # EnvVar represents an environment variable present in a Container. 15621 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15622 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15623 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15624 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15625 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15626 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15627 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15628 }, 15629 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15630 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15631 }, 15632 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15633 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15634 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15635 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15636 }, 15637 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15638 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15639 }, 15640 }, 15641 }, 15642 ], 15643 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15644 { # EnvFromSource represents the source of a set of ConfigMaps 15645 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15646 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15647 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15648 }, 15649 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15650 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15651 }, 15652 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15653 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15654 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15655 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15656 }, 15657 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15658 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15659 }, 15660 }, 15661 ], 15662 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15663 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15664 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15665 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15666 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15667 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15668 "A String", 15669 ], 15670 }, 15671 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15672 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15673 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15674 { # HTTPHeader describes a custom header to be used in HTTP probes 15675 "name": "A String", # The header field name 15676 "value": "A String", # The header field value 15677 }, 15678 ], 15679 "path": "A String", # Path to access on the HTTP server. +optional 15680 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15681 "intVal": 42, # The int value. 15682 "strVal": "A String", # The string value. 15683 "type": 42, # The type of the value. 15684 }, 15685 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15686 }, 15687 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15688 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15689 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15690 "intVal": 42, # The int value. 15691 "strVal": "A String", # The string value. 15692 "type": 42, # The type of the value. 15693 }, 15694 }, 15695 }, 15696 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15697 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15698 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15699 "A String", 15700 ], 15701 }, 15702 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15703 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15704 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15705 { # HTTPHeader describes a custom header to be used in HTTP probes 15706 "name": "A String", # The header field name 15707 "value": "A String", # The header field value 15708 }, 15709 ], 15710 "path": "A String", # Path to access on the HTTP server. +optional 15711 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15712 "intVal": 42, # The int value. 15713 "strVal": "A String", # The string value. 15714 "type": 42, # The type of the value. 15715 }, 15716 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15717 }, 15718 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15719 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15720 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15721 "intVal": 42, # The int value. 15722 "strVal": "A String", # The string value. 15723 "type": 42, # The type of the value. 15724 }, 15725 }, 15726 }, 15727 }, 15728 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15729 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15730 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15731 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15732 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15733 "A String", 15734 ], 15735 }, 15736 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15737 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15738 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15739 { # HTTPHeader describes a custom header to be used in HTTP probes 15740 "name": "A String", # The header field name 15741 "value": "A String", # The header field value 15742 }, 15743 ], 15744 "path": "A String", # Path to access on the HTTP server. +optional 15745 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15746 "intVal": 42, # The int value. 15747 "strVal": "A String", # The string value. 15748 "type": 42, # The type of the value. 15749 }, 15750 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15751 }, 15752 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15753 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15754 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15755 "intVal": 42, # The int value. 15756 "strVal": "A String", # The string value. 15757 "type": 42, # The type of the value. 15758 }, 15759 }, 15760 }, 15761 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15762 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15763 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15764 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15765 }, 15766 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 15767 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 15768 { # ContainerPort represents a network port in a single container. 15769 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 15770 "hostIP": "A String", # What host IP to bind the external port to. +optional 15771 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 15772 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 15773 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 15774 }, 15775 ], 15776 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15777 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15778 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15779 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15780 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15781 "A String", 15782 ], 15783 }, 15784 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15785 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15786 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15787 { # HTTPHeader describes a custom header to be used in HTTP probes 15788 "name": "A String", # The header field name 15789 "value": "A String", # The header field value 15790 }, 15791 ], 15792 "path": "A String", # Path to access on the HTTP server. +optional 15793 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15794 "intVal": 42, # The int value. 15795 "strVal": "A String", # The string value. 15796 "type": 42, # The type of the value. 15797 }, 15798 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15799 }, 15800 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15801 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15802 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15803 "intVal": 42, # The int value. 15804 "strVal": "A String", # The string value. 15805 "type": 42, # The type of the value. 15806 }, 15807 }, 15808 }, 15809 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15810 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15811 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15812 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15813 }, 15814 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 15815 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15816 "a_key": "A String", 15817 }, 15818 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 15819 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15820 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15821 }, 15822 }, 15823 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15824 "a_key": "A String", 15825 }, 15826 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 15827 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15828 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15829 }, 15830 }, 15831 }, 15832 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 15833 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 15834 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 15835 "add": [ # Added capabilities +optional 15836 "A String", 15837 ], 15838 "drop": [ # Removed capabilities +optional 15839 "A String", 15840 ], 15841 }, 15842 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 15843 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 15844 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15845 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15846 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15847 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15848 "level": "A String", # Level is SELinux level label that applies to the container. +optional 15849 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 15850 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 15851 "user": "A String", # User is a SELinux user label that applies to the container. +optional 15852 }, 15853 }, 15854 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 15855 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 15856 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 15857 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 15858 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 15859 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 15860 { # volumeDevice describes a mapping of a raw block device within a container. 15861 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 15862 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 15863 }, 15864 ], 15865 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 15866 { # VolumeMount describes a mounting of a Volume within a container. 15867 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 15868 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 15869 "name": "A String", # This must match the Name of a Volume. 15870 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 15871 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 15872 }, 15873 ], 15874 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 15875 }, 15876 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 15877 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 15878 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 15879 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15880 "A String", 15881 ], 15882 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15883 "A String", 15884 ], 15885 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15886 { # EnvVar represents an environment variable present in a Container. 15887 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15888 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15889 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15890 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15891 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15892 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15893 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15894 }, 15895 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15896 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15897 }, 15898 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15899 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15900 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15901 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15902 }, 15903 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15904 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15905 }, 15906 }, 15907 }, 15908 ], 15909 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15910 { # EnvFromSource represents the source of a set of ConfigMaps 15911 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15912 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15913 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15914 }, 15915 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15916 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15917 }, 15918 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15919 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15920 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15921 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15922 }, 15923 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15924 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15925 }, 15926 }, 15927 ], 15928 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15929 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15930 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15931 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15932 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15933 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15934 "A String", 15935 ], 15936 }, 15937 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15938 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15939 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15940 { # HTTPHeader describes a custom header to be used in HTTP probes 15941 "name": "A String", # The header field name 15942 "value": "A String", # The header field value 15943 }, 15944 ], 15945 "path": "A String", # Path to access on the HTTP server. +optional 15946 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15947 "intVal": 42, # The int value. 15948 "strVal": "A String", # The string value. 15949 "type": 42, # The type of the value. 15950 }, 15951 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15952 }, 15953 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15954 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15955 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15956 "intVal": 42, # The int value. 15957 "strVal": "A String", # The string value. 15958 "type": 42, # The type of the value. 15959 }, 15960 }, 15961 }, 15962 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15963 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15964 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15965 "A String", 15966 ], 15967 }, 15968 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15969 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15970 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15971 { # HTTPHeader describes a custom header to be used in HTTP probes 15972 "name": "A String", # The header field name 15973 "value": "A String", # The header field value 15974 }, 15975 ], 15976 "path": "A String", # Path to access on the HTTP server. +optional 15977 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15978 "intVal": 42, # The int value. 15979 "strVal": "A String", # The string value. 15980 "type": 42, # The type of the value. 15981 }, 15982 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15983 }, 15984 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15985 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15986 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15987 "intVal": 42, # The int value. 15988 "strVal": "A String", # The string value. 15989 "type": 42, # The type of the value. 15990 }, 15991 }, 15992 }, 15993 }, 15994 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15995 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15996 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15997 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15998 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15999 "A String", 16000 ], 16001 }, 16002 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16003 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16004 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16005 { # HTTPHeader describes a custom header to be used in HTTP probes 16006 "name": "A String", # The header field name 16007 "value": "A String", # The header field value 16008 }, 16009 ], 16010 "path": "A String", # Path to access on the HTTP server. +optional 16011 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16012 "intVal": 42, # The int value. 16013 "strVal": "A String", # The string value. 16014 "type": 42, # The type of the value. 16015 }, 16016 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16017 }, 16018 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16019 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16020 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16021 "intVal": 42, # The int value. 16022 "strVal": "A String", # The string value. 16023 "type": 42, # The type of the value. 16024 }, 16025 }, 16026 }, 16027 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16028 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16029 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16030 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16031 }, 16032 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 16033 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 16034 { # ContainerPort represents a network port in a single container. 16035 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 16036 "hostIP": "A String", # What host IP to bind the external port to. +optional 16037 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 16038 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 16039 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 16040 }, 16041 ], 16042 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16043 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16044 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16045 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16046 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16047 "A String", 16048 ], 16049 }, 16050 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16051 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16052 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16053 { # HTTPHeader describes a custom header to be used in HTTP probes 16054 "name": "A String", # The header field name 16055 "value": "A String", # The header field value 16056 }, 16057 ], 16058 "path": "A String", # Path to access on the HTTP server. +optional 16059 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16060 "intVal": 42, # The int value. 16061 "strVal": "A String", # The string value. 16062 "type": 42, # The type of the value. 16063 }, 16064 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16065 }, 16066 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16067 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16068 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16069 "intVal": 42, # The int value. 16070 "strVal": "A String", # The string value. 16071 "type": 42, # The type of the value. 16072 }, 16073 }, 16074 }, 16075 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16076 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16077 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16078 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16079 }, 16080 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 16081 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16082 "a_key": "A String", 16083 }, 16084 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 16085 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16086 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16087 }, 16088 }, 16089 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16090 "a_key": "A String", 16091 }, 16092 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 16093 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16094 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16095 }, 16096 }, 16097 }, 16098 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 16099 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 16100 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 16101 "add": [ # Added capabilities +optional 16102 "A String", 16103 ], 16104 "drop": [ # Removed capabilities +optional 16105 "A String", 16106 ], 16107 }, 16108 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 16109 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 16110 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16111 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16112 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16113 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16114 "level": "A String", # Level is SELinux level label that applies to the container. +optional 16115 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 16116 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 16117 "user": "A String", # User is a SELinux user label that applies to the container. +optional 16118 }, 16119 }, 16120 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 16121 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 16122 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 16123 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 16124 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 16125 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 16126 { # volumeDevice describes a mapping of a raw block device within a container. 16127 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 16128 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 16129 }, 16130 ], 16131 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 16132 { # VolumeMount describes a mounting of a Volume within a container. 16133 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 16134 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 16135 "name": "A String", # This must match the Name of a Volume. 16136 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 16137 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 16138 }, 16139 ], 16140 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 16141 }, 16142 ], 16143 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 16144 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 16145 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 16146 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 16147 "volumes": [ 16148 { # Volume represents a named volume in a container. 16149 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 16150 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16151 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16152 { # Maps a string key to a path within a volume. 16153 "key": "A String", # The key to project. 16154 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16155 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16156 }, 16157 ], 16158 "name": "A String", # Name of the config. 16159 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16160 }, 16161 "name": "A String", # Volume's name. 16162 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 16163 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16164 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16165 { # Maps a string key to a path within a volume. 16166 "key": "A String", # The key to project. 16167 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16168 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16169 }, 16170 ], 16171 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16172 "secretName": "A String", # Name of the secret in the container's namespace to use. 16173 }, 16174 }, 16175 ], 16176 }, 16177 }, 16178 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 16179 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 16180 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 16181 "a_key": "A String", 16182 }, 16183 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 16184 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16185 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 16186 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16187 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 16188 "A String", 16189 ], 16190 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 16191 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 16192 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 16193 "a_key": "A String", 16194 }, 16195 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 16196 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 16197 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 16198 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 16199 "apiVersion": "A String", # API version of the referent. 16200 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 16201 "controller": True or False, # If true, this reference points to the managing controller. +optional 16202 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 16203 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 16204 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 16205 }, 16206 ], 16207 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 16208 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 16209 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 16210 }, 16211 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 16212 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 16213 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 16214 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16215 "A String", 16216 ], 16217 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16218 "A String", 16219 ], 16220 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 16221 { # EnvVar represents an environment variable present in a Container. 16222 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 16223 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 16224 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 16225 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 16226 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 16227 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16228 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16229 }, 16230 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 16231 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 16232 }, 16233 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 16234 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 16235 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16236 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16237 }, 16238 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 16239 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 16240 }, 16241 }, 16242 }, 16243 ], 16244 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 16245 { # EnvFromSource represents the source of a set of ConfigMaps 16246 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 16247 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16248 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16249 }, 16250 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 16251 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 16252 }, 16253 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 16254 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 16255 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16256 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16257 }, 16258 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 16259 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 16260 }, 16261 }, 16262 ], 16263 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 16264 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 16265 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 16266 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16267 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16268 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16269 "A String", 16270 ], 16271 }, 16272 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16273 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16274 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16275 { # HTTPHeader describes a custom header to be used in HTTP probes 16276 "name": "A String", # The header field name 16277 "value": "A String", # The header field value 16278 }, 16279 ], 16280 "path": "A String", # Path to access on the HTTP server. +optional 16281 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16282 "intVal": 42, # The int value. 16283 "strVal": "A String", # The string value. 16284 "type": 42, # The type of the value. 16285 }, 16286 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16287 }, 16288 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16289 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16290 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16291 "intVal": 42, # The int value. 16292 "strVal": "A String", # The string value. 16293 "type": 42, # The type of the value. 16294 }, 16295 }, 16296 }, 16297 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16298 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16299 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16300 "A String", 16301 ], 16302 }, 16303 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16304 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16305 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16306 { # HTTPHeader describes a custom header to be used in HTTP probes 16307 "name": "A String", # The header field name 16308 "value": "A String", # The header field value 16309 }, 16310 ], 16311 "path": "A String", # Path to access on the HTTP server. +optional 16312 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16313 "intVal": 42, # The int value. 16314 "strVal": "A String", # The string value. 16315 "type": 42, # The type of the value. 16316 }, 16317 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16318 }, 16319 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16320 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16321 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16322 "intVal": 42, # The int value. 16323 "strVal": "A String", # The string value. 16324 "type": 42, # The type of the value. 16325 }, 16326 }, 16327 }, 16328 }, 16329 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16330 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16331 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16332 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16333 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16334 "A String", 16335 ], 16336 }, 16337 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16338 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16339 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16340 { # HTTPHeader describes a custom header to be used in HTTP probes 16341 "name": "A String", # The header field name 16342 "value": "A String", # The header field value 16343 }, 16344 ], 16345 "path": "A String", # Path to access on the HTTP server. +optional 16346 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16347 "intVal": 42, # The int value. 16348 "strVal": "A String", # The string value. 16349 "type": 42, # The type of the value. 16350 }, 16351 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16352 }, 16353 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16354 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16355 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16356 "intVal": 42, # The int value. 16357 "strVal": "A String", # The string value. 16358 "type": 42, # The type of the value. 16359 }, 16360 }, 16361 }, 16362 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16363 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16364 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16365 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16366 }, 16367 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 16368 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 16369 { # ContainerPort represents a network port in a single container. 16370 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 16371 "hostIP": "A String", # What host IP to bind the external port to. +optional 16372 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 16373 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 16374 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 16375 }, 16376 ], 16377 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16378 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16379 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16380 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16381 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16382 "A String", 16383 ], 16384 }, 16385 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16386 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16387 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16388 { # HTTPHeader describes a custom header to be used in HTTP probes 16389 "name": "A String", # The header field name 16390 "value": "A String", # The header field value 16391 }, 16392 ], 16393 "path": "A String", # Path to access on the HTTP server. +optional 16394 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16395 "intVal": 42, # The int value. 16396 "strVal": "A String", # The string value. 16397 "type": 42, # The type of the value. 16398 }, 16399 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16400 }, 16401 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16402 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16403 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16404 "intVal": 42, # The int value. 16405 "strVal": "A String", # The string value. 16406 "type": 42, # The type of the value. 16407 }, 16408 }, 16409 }, 16410 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16411 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16412 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16413 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16414 }, 16415 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 16416 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16417 "a_key": "A String", 16418 }, 16419 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 16420 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16421 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16422 }, 16423 }, 16424 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16425 "a_key": "A String", 16426 }, 16427 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 16428 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16429 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16430 }, 16431 }, 16432 }, 16433 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 16434 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 16435 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 16436 "add": [ # Added capabilities +optional 16437 "A String", 16438 ], 16439 "drop": [ # Removed capabilities +optional 16440 "A String", 16441 ], 16442 }, 16443 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 16444 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 16445 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16446 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16447 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16448 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16449 "level": "A String", # Level is SELinux level label that applies to the container. +optional 16450 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 16451 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 16452 "user": "A String", # User is a SELinux user label that applies to the container. +optional 16453 }, 16454 }, 16455 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 16456 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 16457 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 16458 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 16459 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 16460 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 16461 { # volumeDevice describes a mapping of a raw block device within a container. 16462 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 16463 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 16464 }, 16465 ], 16466 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 16467 { # VolumeMount describes a mounting of a Volume within a container. 16468 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 16469 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 16470 "name": "A String", # This must match the Name of a Volume. 16471 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 16472 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 16473 }, 16474 ], 16475 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 16476 }, 16477 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 16478 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 16479 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 16480 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16481 "A String", 16482 ], 16483 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16484 "A String", 16485 ], 16486 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 16487 { # EnvVar represents an environment variable present in a Container. 16488 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 16489 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 16490 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 16491 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 16492 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 16493 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16494 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16495 }, 16496 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 16497 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 16498 }, 16499 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 16500 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 16501 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16502 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16503 }, 16504 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 16505 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 16506 }, 16507 }, 16508 }, 16509 ], 16510 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 16511 { # EnvFromSource represents the source of a set of ConfigMaps 16512 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 16513 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16514 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16515 }, 16516 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 16517 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 16518 }, 16519 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 16520 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 16521 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16522 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16523 }, 16524 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 16525 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 16526 }, 16527 }, 16528 ], 16529 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 16530 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 16531 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 16532 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16533 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16534 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16535 "A String", 16536 ], 16537 }, 16538 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16539 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16540 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16541 { # HTTPHeader describes a custom header to be used in HTTP probes 16542 "name": "A String", # The header field name 16543 "value": "A String", # The header field value 16544 }, 16545 ], 16546 "path": "A String", # Path to access on the HTTP server. +optional 16547 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16548 "intVal": 42, # The int value. 16549 "strVal": "A String", # The string value. 16550 "type": 42, # The type of the value. 16551 }, 16552 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16553 }, 16554 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16555 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16556 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16557 "intVal": 42, # The int value. 16558 "strVal": "A String", # The string value. 16559 "type": 42, # The type of the value. 16560 }, 16561 }, 16562 }, 16563 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16564 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16565 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16566 "A String", 16567 ], 16568 }, 16569 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16570 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16571 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16572 { # HTTPHeader describes a custom header to be used in HTTP probes 16573 "name": "A String", # The header field name 16574 "value": "A String", # The header field value 16575 }, 16576 ], 16577 "path": "A String", # Path to access on the HTTP server. +optional 16578 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16579 "intVal": 42, # The int value. 16580 "strVal": "A String", # The string value. 16581 "type": 42, # The type of the value. 16582 }, 16583 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16584 }, 16585 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16586 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16587 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16588 "intVal": 42, # The int value. 16589 "strVal": "A String", # The string value. 16590 "type": 42, # The type of the value. 16591 }, 16592 }, 16593 }, 16594 }, 16595 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16596 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16597 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16598 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16599 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16600 "A String", 16601 ], 16602 }, 16603 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16604 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16605 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16606 { # HTTPHeader describes a custom header to be used in HTTP probes 16607 "name": "A String", # The header field name 16608 "value": "A String", # The header field value 16609 }, 16610 ], 16611 "path": "A String", # Path to access on the HTTP server. +optional 16612 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16613 "intVal": 42, # The int value. 16614 "strVal": "A String", # The string value. 16615 "type": 42, # The type of the value. 16616 }, 16617 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16618 }, 16619 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16620 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16621 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16622 "intVal": 42, # The int value. 16623 "strVal": "A String", # The string value. 16624 "type": 42, # The type of the value. 16625 }, 16626 }, 16627 }, 16628 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16629 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16630 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16631 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16632 }, 16633 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 16634 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 16635 { # ContainerPort represents a network port in a single container. 16636 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 16637 "hostIP": "A String", # What host IP to bind the external port to. +optional 16638 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 16639 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 16640 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 16641 }, 16642 ], 16643 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16644 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16645 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16646 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16647 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16648 "A String", 16649 ], 16650 }, 16651 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16652 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16653 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16654 { # HTTPHeader describes a custom header to be used in HTTP probes 16655 "name": "A String", # The header field name 16656 "value": "A String", # The header field value 16657 }, 16658 ], 16659 "path": "A String", # Path to access on the HTTP server. +optional 16660 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16661 "intVal": 42, # The int value. 16662 "strVal": "A String", # The string value. 16663 "type": 42, # The type of the value. 16664 }, 16665 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16666 }, 16667 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16668 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16669 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16670 "intVal": 42, # The int value. 16671 "strVal": "A String", # The string value. 16672 "type": 42, # The type of the value. 16673 }, 16674 }, 16675 }, 16676 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16677 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16678 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16679 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16680 }, 16681 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 16682 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16683 "a_key": "A String", 16684 }, 16685 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 16686 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16687 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16688 }, 16689 }, 16690 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16691 "a_key": "A String", 16692 }, 16693 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 16694 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16695 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16696 }, 16697 }, 16698 }, 16699 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 16700 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 16701 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 16702 "add": [ # Added capabilities +optional 16703 "A String", 16704 ], 16705 "drop": [ # Removed capabilities +optional 16706 "A String", 16707 ], 16708 }, 16709 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 16710 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 16711 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16712 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16713 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16714 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16715 "level": "A String", # Level is SELinux level label that applies to the container. +optional 16716 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 16717 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 16718 "user": "A String", # User is a SELinux user label that applies to the container. +optional 16719 }, 16720 }, 16721 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 16722 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 16723 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 16724 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 16725 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 16726 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 16727 { # volumeDevice describes a mapping of a raw block device within a container. 16728 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 16729 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 16730 }, 16731 ], 16732 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 16733 { # VolumeMount describes a mounting of a Volume within a container. 16734 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 16735 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 16736 "name": "A String", # This must match the Name of a Volume. 16737 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 16738 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 16739 }, 16740 ], 16741 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 16742 }, 16743 ], 16744 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 16745 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 16746 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 16747 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 16748 "volumes": [ 16749 { # Volume represents a named volume in a container. 16750 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 16751 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16752 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16753 { # Maps a string key to a path within a volume. 16754 "key": "A String", # The key to project. 16755 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16756 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16757 }, 16758 ], 16759 "name": "A String", # Name of the config. 16760 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16761 }, 16762 "name": "A String", # Volume's name. 16763 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 16764 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16765 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16766 { # Maps a string key to a path within a volume. 16767 "key": "A String", # The key to project. 16768 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16769 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16770 }, 16771 ], 16772 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16773 "secretName": "A String", # Name of the secret in the container's namespace to use. 16774 }, 16775 }, 16776 ], 16777 }, 16778 }, 16779 }, 16780 }, 16781 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 16782 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 16783 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 16784 "a_key": "A String", 16785 }, 16786 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 16787 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16788 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 16789 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16790 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 16791 "A String", 16792 ], 16793 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 16794 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 16795 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 16796 "a_key": "A String", 16797 }, 16798 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 16799 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 16800 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 16801 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 16802 "apiVersion": "A String", # API version of the referent. 16803 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 16804 "controller": True or False, # If true, this reference points to the managing controller. +optional 16805 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 16806 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 16807 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 16808 }, 16809 ], 16810 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 16811 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 16812 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 16813 }, 16814 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 16815 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 16816 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 16817 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16818 "A String", 16819 ], 16820 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16821 "A String", 16822 ], 16823 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 16824 { # EnvVar represents an environment variable present in a Container. 16825 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 16826 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 16827 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 16828 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 16829 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 16830 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16831 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16832 }, 16833 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 16834 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 16835 }, 16836 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 16837 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 16838 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16839 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16840 }, 16841 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 16842 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 16843 }, 16844 }, 16845 }, 16846 ], 16847 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 16848 { # EnvFromSource represents the source of a set of ConfigMaps 16849 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 16850 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16851 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16852 }, 16853 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 16854 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 16855 }, 16856 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 16857 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 16858 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16859 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16860 }, 16861 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 16862 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 16863 }, 16864 }, 16865 ], 16866 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 16867 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 16868 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 16869 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16870 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16871 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16872 "A String", 16873 ], 16874 }, 16875 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16876 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16877 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16878 { # HTTPHeader describes a custom header to be used in HTTP probes 16879 "name": "A String", # The header field name 16880 "value": "A String", # The header field value 16881 }, 16882 ], 16883 "path": "A String", # Path to access on the HTTP server. +optional 16884 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16885 "intVal": 42, # The int value. 16886 "strVal": "A String", # The string value. 16887 "type": 42, # The type of the value. 16888 }, 16889 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16890 }, 16891 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16892 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16893 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16894 "intVal": 42, # The int value. 16895 "strVal": "A String", # The string value. 16896 "type": 42, # The type of the value. 16897 }, 16898 }, 16899 }, 16900 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16901 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16902 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16903 "A String", 16904 ], 16905 }, 16906 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16907 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16908 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16909 { # HTTPHeader describes a custom header to be used in HTTP probes 16910 "name": "A String", # The header field name 16911 "value": "A String", # The header field value 16912 }, 16913 ], 16914 "path": "A String", # Path to access on the HTTP server. +optional 16915 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16916 "intVal": 42, # The int value. 16917 "strVal": "A String", # The string value. 16918 "type": 42, # The type of the value. 16919 }, 16920 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16921 }, 16922 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16923 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16924 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16925 "intVal": 42, # The int value. 16926 "strVal": "A String", # The string value. 16927 "type": 42, # The type of the value. 16928 }, 16929 }, 16930 }, 16931 }, 16932 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16933 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16934 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16935 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16936 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16937 "A String", 16938 ], 16939 }, 16940 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16941 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16942 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16943 { # HTTPHeader describes a custom header to be used in HTTP probes 16944 "name": "A String", # The header field name 16945 "value": "A String", # The header field value 16946 }, 16947 ], 16948 "path": "A String", # Path to access on the HTTP server. +optional 16949 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16950 "intVal": 42, # The int value. 16951 "strVal": "A String", # The string value. 16952 "type": 42, # The type of the value. 16953 }, 16954 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16955 }, 16956 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16957 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16958 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16959 "intVal": 42, # The int value. 16960 "strVal": "A String", # The string value. 16961 "type": 42, # The type of the value. 16962 }, 16963 }, 16964 }, 16965 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16966 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16967 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16968 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16969 }, 16970 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 16971 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 16972 { # ContainerPort represents a network port in a single container. 16973 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 16974 "hostIP": "A String", # What host IP to bind the external port to. +optional 16975 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 16976 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 16977 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 16978 }, 16979 ], 16980 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16981 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16982 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16983 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16984 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16985 "A String", 16986 ], 16987 }, 16988 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16989 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16990 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16991 { # HTTPHeader describes a custom header to be used in HTTP probes 16992 "name": "A String", # The header field name 16993 "value": "A String", # The header field value 16994 }, 16995 ], 16996 "path": "A String", # Path to access on the HTTP server. +optional 16997 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16998 "intVal": 42, # The int value. 16999 "strVal": "A String", # The string value. 17000 "type": 42, # The type of the value. 17001 }, 17002 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17003 }, 17004 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17005 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17006 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17007 "intVal": 42, # The int value. 17008 "strVal": "A String", # The string value. 17009 "type": 42, # The type of the value. 17010 }, 17011 }, 17012 }, 17013 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17014 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17015 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17016 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17017 }, 17018 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 17019 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17020 "a_key": "A String", 17021 }, 17022 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 17023 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17024 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17025 }, 17026 }, 17027 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17028 "a_key": "A String", 17029 }, 17030 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 17031 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17032 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17033 }, 17034 }, 17035 }, 17036 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 17037 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 17038 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 17039 "add": [ # Added capabilities +optional 17040 "A String", 17041 ], 17042 "drop": [ # Removed capabilities +optional 17043 "A String", 17044 ], 17045 }, 17046 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 17047 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 17048 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17049 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17050 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17051 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17052 "level": "A String", # Level is SELinux level label that applies to the container. +optional 17053 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 17054 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 17055 "user": "A String", # User is a SELinux user label that applies to the container. +optional 17056 }, 17057 }, 17058 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 17059 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 17060 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 17061 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 17062 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 17063 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 17064 { # volumeDevice describes a mapping of a raw block device within a container. 17065 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 17066 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 17067 }, 17068 ], 17069 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 17070 { # VolumeMount describes a mounting of a Volume within a container. 17071 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 17072 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 17073 "name": "A String", # This must match the Name of a Volume. 17074 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 17075 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 17076 }, 17077 ], 17078 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 17079 }, 17080 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 17081 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 17082 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 17083 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17084 "A String", 17085 ], 17086 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17087 "A String", 17088 ], 17089 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 17090 { # EnvVar represents an environment variable present in a Container. 17091 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 17092 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 17093 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 17094 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 17095 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 17096 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17097 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17098 }, 17099 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 17100 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 17101 }, 17102 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 17103 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 17104 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17105 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17106 }, 17107 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 17108 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 17109 }, 17110 }, 17111 }, 17112 ], 17113 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 17114 { # EnvFromSource represents the source of a set of ConfigMaps 17115 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 17116 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17117 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17118 }, 17119 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 17120 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 17121 }, 17122 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 17123 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 17124 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17125 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17126 }, 17127 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 17128 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 17129 }, 17130 }, 17131 ], 17132 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 17133 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 17134 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 17135 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17136 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17137 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17138 "A String", 17139 ], 17140 }, 17141 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17142 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17143 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17144 { # HTTPHeader describes a custom header to be used in HTTP probes 17145 "name": "A String", # The header field name 17146 "value": "A String", # The header field value 17147 }, 17148 ], 17149 "path": "A String", # Path to access on the HTTP server. +optional 17150 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17151 "intVal": 42, # The int value. 17152 "strVal": "A String", # The string value. 17153 "type": 42, # The type of the value. 17154 }, 17155 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17156 }, 17157 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17158 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17159 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17160 "intVal": 42, # The int value. 17161 "strVal": "A String", # The string value. 17162 "type": 42, # The type of the value. 17163 }, 17164 }, 17165 }, 17166 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17167 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17168 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17169 "A String", 17170 ], 17171 }, 17172 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17173 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17174 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17175 { # HTTPHeader describes a custom header to be used in HTTP probes 17176 "name": "A String", # The header field name 17177 "value": "A String", # The header field value 17178 }, 17179 ], 17180 "path": "A String", # Path to access on the HTTP server. +optional 17181 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17182 "intVal": 42, # The int value. 17183 "strVal": "A String", # The string value. 17184 "type": 42, # The type of the value. 17185 }, 17186 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17187 }, 17188 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17189 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17190 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17191 "intVal": 42, # The int value. 17192 "strVal": "A String", # The string value. 17193 "type": 42, # The type of the value. 17194 }, 17195 }, 17196 }, 17197 }, 17198 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17199 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17200 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17201 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17202 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17203 "A String", 17204 ], 17205 }, 17206 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17207 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17208 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17209 { # HTTPHeader describes a custom header to be used in HTTP probes 17210 "name": "A String", # The header field name 17211 "value": "A String", # The header field value 17212 }, 17213 ], 17214 "path": "A String", # Path to access on the HTTP server. +optional 17215 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17216 "intVal": 42, # The int value. 17217 "strVal": "A String", # The string value. 17218 "type": 42, # The type of the value. 17219 }, 17220 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17221 }, 17222 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17223 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17224 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17225 "intVal": 42, # The int value. 17226 "strVal": "A String", # The string value. 17227 "type": 42, # The type of the value. 17228 }, 17229 }, 17230 }, 17231 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17232 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17233 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17234 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17235 }, 17236 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 17237 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 17238 { # ContainerPort represents a network port in a single container. 17239 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 17240 "hostIP": "A String", # What host IP to bind the external port to. +optional 17241 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 17242 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 17243 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 17244 }, 17245 ], 17246 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17247 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17248 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17249 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17250 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17251 "A String", 17252 ], 17253 }, 17254 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17255 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17256 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17257 { # HTTPHeader describes a custom header to be used in HTTP probes 17258 "name": "A String", # The header field name 17259 "value": "A String", # The header field value 17260 }, 17261 ], 17262 "path": "A String", # Path to access on the HTTP server. +optional 17263 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17264 "intVal": 42, # The int value. 17265 "strVal": "A String", # The string value. 17266 "type": 42, # The type of the value. 17267 }, 17268 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17269 }, 17270 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17271 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17272 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17273 "intVal": 42, # The int value. 17274 "strVal": "A String", # The string value. 17275 "type": 42, # The type of the value. 17276 }, 17277 }, 17278 }, 17279 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17280 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17281 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17282 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17283 }, 17284 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 17285 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17286 "a_key": "A String", 17287 }, 17288 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 17289 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17290 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17291 }, 17292 }, 17293 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17294 "a_key": "A String", 17295 }, 17296 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 17297 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17298 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17299 }, 17300 }, 17301 }, 17302 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 17303 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 17304 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 17305 "add": [ # Added capabilities +optional 17306 "A String", 17307 ], 17308 "drop": [ # Removed capabilities +optional 17309 "A String", 17310 ], 17311 }, 17312 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 17313 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 17314 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17315 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17316 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17317 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17318 "level": "A String", # Level is SELinux level label that applies to the container. +optional 17319 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 17320 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 17321 "user": "A String", # User is a SELinux user label that applies to the container. +optional 17322 }, 17323 }, 17324 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 17325 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 17326 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 17327 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 17328 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 17329 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 17330 { # volumeDevice describes a mapping of a raw block device within a container. 17331 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 17332 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 17333 }, 17334 ], 17335 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 17336 { # VolumeMount describes a mounting of a Volume within a container. 17337 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 17338 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 17339 "name": "A String", # This must match the Name of a Volume. 17340 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 17341 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 17342 }, 17343 ], 17344 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 17345 }, 17346 ], 17347 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 17348 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 17349 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 17350 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 17351 "volumes": [ 17352 { # Volume represents a named volume in a container. 17353 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 17354 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 17355 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 17356 { # Maps a string key to a path within a volume. 17357 "key": "A String", # The key to project. 17358 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 17359 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 17360 }, 17361 ], 17362 "name": "A String", # Name of the config. 17363 "optional": True or False, # Specify whether the Secret or its keys must be defined. 17364 }, 17365 "name": "A String", # Volume's name. 17366 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 17367 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 17368 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 17369 { # Maps a string key to a path within a volume. 17370 "key": "A String", # The key to project. 17371 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 17372 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 17373 }, 17374 ], 17375 "optional": True or False, # Specify whether the Secret or its keys must be defined. 17376 "secretName": "A String", # Name of the secret in the container's namespace to use. 17377 }, 17378 }, 17379 ], 17380 }, 17381 }, 17382 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 17383 { # TrafficTarget holds a single entry of the routing table for a Route. 17384 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 17385 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 17386 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 17387 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 17388 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 17389 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 17390 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 17391 }, 17392 ], 17393 }, 17394 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 17395 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 17396 "hostname": "A String", # Deprecated - use url instead. 17397 "url": "A String", 17398 }, 17399 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 17400 { # ServiceCondition defines a readiness condition for a Service. 17401 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 17402 "message": "A String", # Human-readable message indicating details about last transition. +optional 17403 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 17404 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 17405 "status": "A String", # Status of the condition, one of True, False, Unknown. 17406 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 17407 }, 17408 ], 17409 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 17410 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 17411 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 17412 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 17413 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 17414 { # TrafficTarget holds a single entry of the routing table for a Route. 17415 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 17416 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 17417 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 17418 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 17419 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 17420 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 17421 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 17422 }, 17423 ], 17424 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 17425 }, 17426 }, 17427 ], 17428 "kind": "A String", # The kind of this resource, in this case "ServiceList". 17429 "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Service list. 17430 "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response. 17431 "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 17432 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional 17433 }, 17434 "unreachable": [ # Locations that could not be reached. 17435 "A String", 17436 ], 17437}</pre> 17438</div> 17439 17440<div class="method"> 17441 <code class="details" id="replaceService">replaceService(name, body=None, x__xgafv=None)</code> 17442 <pre>Rpc to replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control. 17443 17444Args: 17445 name: string, The name of the service being replaced. If needed, replace {namespace_id} with the project ID. (required) 17446 body: object, The request body. 17447 The object takes the form of: 17448 17449{ # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 17450 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 17451 "kind": "A String", # The kind of resource, in this case "Service". 17452 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 17453 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 17454 "a_key": "A String", 17455 }, 17456 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 17457 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17458 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 17459 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17460 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 17461 "A String", 17462 ], 17463 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 17464 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 17465 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 17466 "a_key": "A String", 17467 }, 17468 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 17469 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 17470 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 17471 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 17472 "apiVersion": "A String", # API version of the referent. 17473 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 17474 "controller": True or False, # If true, this reference points to the managing controller. +optional 17475 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 17476 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 17477 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 17478 }, 17479 ], 17480 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 17481 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 17482 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 17483 }, 17484 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 17485 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 17486 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 17487 }, 17488 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 17489 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 17490 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 17491 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 17492 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 17493 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 17494 "a_key": "A String", 17495 }, 17496 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 17497 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17498 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 17499 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17500 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 17501 "A String", 17502 ], 17503 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 17504 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 17505 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 17506 "a_key": "A String", 17507 }, 17508 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 17509 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 17510 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 17511 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 17512 "apiVersion": "A String", # API version of the referent. 17513 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 17514 "controller": True or False, # If true, this reference points to the managing controller. +optional 17515 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 17516 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 17517 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 17518 }, 17519 ], 17520 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 17521 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 17522 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 17523 }, 17524 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 17525 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 17526 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 17527 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17528 "A String", 17529 ], 17530 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17531 "A String", 17532 ], 17533 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 17534 { # EnvVar represents an environment variable present in a Container. 17535 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 17536 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 17537 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 17538 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 17539 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 17540 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17541 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17542 }, 17543 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 17544 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 17545 }, 17546 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 17547 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 17548 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17549 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17550 }, 17551 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 17552 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 17553 }, 17554 }, 17555 }, 17556 ], 17557 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 17558 { # EnvFromSource represents the source of a set of ConfigMaps 17559 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 17560 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17561 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17562 }, 17563 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 17564 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 17565 }, 17566 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 17567 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 17568 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17569 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17570 }, 17571 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 17572 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 17573 }, 17574 }, 17575 ], 17576 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 17577 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 17578 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 17579 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17580 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17581 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17582 "A String", 17583 ], 17584 }, 17585 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17586 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17587 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17588 { # HTTPHeader describes a custom header to be used in HTTP probes 17589 "name": "A String", # The header field name 17590 "value": "A String", # The header field value 17591 }, 17592 ], 17593 "path": "A String", # Path to access on the HTTP server. +optional 17594 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17595 "intVal": 42, # The int value. 17596 "strVal": "A String", # The string value. 17597 "type": 42, # The type of the value. 17598 }, 17599 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17600 }, 17601 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17602 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17603 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17604 "intVal": 42, # The int value. 17605 "strVal": "A String", # The string value. 17606 "type": 42, # The type of the value. 17607 }, 17608 }, 17609 }, 17610 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17611 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17612 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17613 "A String", 17614 ], 17615 }, 17616 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17617 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17618 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17619 { # HTTPHeader describes a custom header to be used in HTTP probes 17620 "name": "A String", # The header field name 17621 "value": "A String", # The header field value 17622 }, 17623 ], 17624 "path": "A String", # Path to access on the HTTP server. +optional 17625 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17626 "intVal": 42, # The int value. 17627 "strVal": "A String", # The string value. 17628 "type": 42, # The type of the value. 17629 }, 17630 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17631 }, 17632 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17633 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17634 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17635 "intVal": 42, # The int value. 17636 "strVal": "A String", # The string value. 17637 "type": 42, # The type of the value. 17638 }, 17639 }, 17640 }, 17641 }, 17642 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17643 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17644 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17645 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17646 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17647 "A String", 17648 ], 17649 }, 17650 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17651 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17652 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17653 { # HTTPHeader describes a custom header to be used in HTTP probes 17654 "name": "A String", # The header field name 17655 "value": "A String", # The header field value 17656 }, 17657 ], 17658 "path": "A String", # Path to access on the HTTP server. +optional 17659 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17660 "intVal": 42, # The int value. 17661 "strVal": "A String", # The string value. 17662 "type": 42, # The type of the value. 17663 }, 17664 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17665 }, 17666 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17667 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17668 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17669 "intVal": 42, # The int value. 17670 "strVal": "A String", # The string value. 17671 "type": 42, # The type of the value. 17672 }, 17673 }, 17674 }, 17675 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17676 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17677 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17678 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17679 }, 17680 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 17681 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 17682 { # ContainerPort represents a network port in a single container. 17683 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 17684 "hostIP": "A String", # What host IP to bind the external port to. +optional 17685 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 17686 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 17687 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 17688 }, 17689 ], 17690 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17691 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17692 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17693 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17694 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17695 "A String", 17696 ], 17697 }, 17698 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17699 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17700 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17701 { # HTTPHeader describes a custom header to be used in HTTP probes 17702 "name": "A String", # The header field name 17703 "value": "A String", # The header field value 17704 }, 17705 ], 17706 "path": "A String", # Path to access on the HTTP server. +optional 17707 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17708 "intVal": 42, # The int value. 17709 "strVal": "A String", # The string value. 17710 "type": 42, # The type of the value. 17711 }, 17712 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17713 }, 17714 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17715 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17716 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17717 "intVal": 42, # The int value. 17718 "strVal": "A String", # The string value. 17719 "type": 42, # The type of the value. 17720 }, 17721 }, 17722 }, 17723 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17724 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17725 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17726 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17727 }, 17728 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 17729 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17730 "a_key": "A String", 17731 }, 17732 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 17733 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17734 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17735 }, 17736 }, 17737 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17738 "a_key": "A String", 17739 }, 17740 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 17741 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17742 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17743 }, 17744 }, 17745 }, 17746 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 17747 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 17748 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 17749 "add": [ # Added capabilities +optional 17750 "A String", 17751 ], 17752 "drop": [ # Removed capabilities +optional 17753 "A String", 17754 ], 17755 }, 17756 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 17757 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 17758 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17759 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17760 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17761 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17762 "level": "A String", # Level is SELinux level label that applies to the container. +optional 17763 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 17764 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 17765 "user": "A String", # User is a SELinux user label that applies to the container. +optional 17766 }, 17767 }, 17768 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 17769 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 17770 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 17771 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 17772 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 17773 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 17774 { # volumeDevice describes a mapping of a raw block device within a container. 17775 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 17776 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 17777 }, 17778 ], 17779 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 17780 { # VolumeMount describes a mounting of a Volume within a container. 17781 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 17782 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 17783 "name": "A String", # This must match the Name of a Volume. 17784 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 17785 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 17786 }, 17787 ], 17788 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 17789 }, 17790 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 17791 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 17792 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 17793 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17794 "A String", 17795 ], 17796 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17797 "A String", 17798 ], 17799 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 17800 { # EnvVar represents an environment variable present in a Container. 17801 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 17802 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 17803 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 17804 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 17805 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 17806 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17807 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17808 }, 17809 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 17810 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 17811 }, 17812 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 17813 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 17814 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17815 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17816 }, 17817 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 17818 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 17819 }, 17820 }, 17821 }, 17822 ], 17823 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 17824 { # EnvFromSource represents the source of a set of ConfigMaps 17825 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 17826 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17827 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17828 }, 17829 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 17830 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 17831 }, 17832 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 17833 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 17834 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17835 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17836 }, 17837 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 17838 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 17839 }, 17840 }, 17841 ], 17842 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 17843 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 17844 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 17845 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17846 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17847 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17848 "A String", 17849 ], 17850 }, 17851 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17852 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17853 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17854 { # HTTPHeader describes a custom header to be used in HTTP probes 17855 "name": "A String", # The header field name 17856 "value": "A String", # The header field value 17857 }, 17858 ], 17859 "path": "A String", # Path to access on the HTTP server. +optional 17860 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17861 "intVal": 42, # The int value. 17862 "strVal": "A String", # The string value. 17863 "type": 42, # The type of the value. 17864 }, 17865 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17866 }, 17867 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17868 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17869 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17870 "intVal": 42, # The int value. 17871 "strVal": "A String", # The string value. 17872 "type": 42, # The type of the value. 17873 }, 17874 }, 17875 }, 17876 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17877 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17878 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17879 "A String", 17880 ], 17881 }, 17882 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17883 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17884 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17885 { # HTTPHeader describes a custom header to be used in HTTP probes 17886 "name": "A String", # The header field name 17887 "value": "A String", # The header field value 17888 }, 17889 ], 17890 "path": "A String", # Path to access on the HTTP server. +optional 17891 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17892 "intVal": 42, # The int value. 17893 "strVal": "A String", # The string value. 17894 "type": 42, # The type of the value. 17895 }, 17896 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17897 }, 17898 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17899 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17900 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17901 "intVal": 42, # The int value. 17902 "strVal": "A String", # The string value. 17903 "type": 42, # The type of the value. 17904 }, 17905 }, 17906 }, 17907 }, 17908 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17909 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17910 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17911 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17912 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17913 "A String", 17914 ], 17915 }, 17916 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17917 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17918 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17919 { # HTTPHeader describes a custom header to be used in HTTP probes 17920 "name": "A String", # The header field name 17921 "value": "A String", # The header field value 17922 }, 17923 ], 17924 "path": "A String", # Path to access on the HTTP server. +optional 17925 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17926 "intVal": 42, # The int value. 17927 "strVal": "A String", # The string value. 17928 "type": 42, # The type of the value. 17929 }, 17930 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17931 }, 17932 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17933 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17934 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17935 "intVal": 42, # The int value. 17936 "strVal": "A String", # The string value. 17937 "type": 42, # The type of the value. 17938 }, 17939 }, 17940 }, 17941 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17942 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17943 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17944 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17945 }, 17946 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 17947 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 17948 { # ContainerPort represents a network port in a single container. 17949 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 17950 "hostIP": "A String", # What host IP to bind the external port to. +optional 17951 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 17952 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 17953 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 17954 }, 17955 ], 17956 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17957 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17958 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17959 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17960 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17961 "A String", 17962 ], 17963 }, 17964 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17965 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17966 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17967 { # HTTPHeader describes a custom header to be used in HTTP probes 17968 "name": "A String", # The header field name 17969 "value": "A String", # The header field value 17970 }, 17971 ], 17972 "path": "A String", # Path to access on the HTTP server. +optional 17973 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17974 "intVal": 42, # The int value. 17975 "strVal": "A String", # The string value. 17976 "type": 42, # The type of the value. 17977 }, 17978 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17979 }, 17980 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17981 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17982 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17983 "intVal": 42, # The int value. 17984 "strVal": "A String", # The string value. 17985 "type": 42, # The type of the value. 17986 }, 17987 }, 17988 }, 17989 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17990 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17991 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17992 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17993 }, 17994 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 17995 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17996 "a_key": "A String", 17997 }, 17998 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 17999 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18000 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18001 }, 18002 }, 18003 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18004 "a_key": "A String", 18005 }, 18006 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 18007 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18008 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18009 }, 18010 }, 18011 }, 18012 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 18013 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 18014 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 18015 "add": [ # Added capabilities +optional 18016 "A String", 18017 ], 18018 "drop": [ # Removed capabilities +optional 18019 "A String", 18020 ], 18021 }, 18022 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 18023 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 18024 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18025 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18026 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18027 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18028 "level": "A String", # Level is SELinux level label that applies to the container. +optional 18029 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 18030 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 18031 "user": "A String", # User is a SELinux user label that applies to the container. +optional 18032 }, 18033 }, 18034 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 18035 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 18036 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 18037 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 18038 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 18039 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 18040 { # volumeDevice describes a mapping of a raw block device within a container. 18041 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 18042 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 18043 }, 18044 ], 18045 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 18046 { # VolumeMount describes a mounting of a Volume within a container. 18047 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 18048 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 18049 "name": "A String", # This must match the Name of a Volume. 18050 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 18051 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 18052 }, 18053 ], 18054 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 18055 }, 18056 ], 18057 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 18058 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 18059 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 18060 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 18061 "volumes": [ 18062 { # Volume represents a named volume in a container. 18063 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 18064 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18065 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18066 { # Maps a string key to a path within a volume. 18067 "key": "A String", # The key to project. 18068 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18069 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18070 }, 18071 ], 18072 "name": "A String", # Name of the config. 18073 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18074 }, 18075 "name": "A String", # Volume's name. 18076 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 18077 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18078 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18079 { # Maps a string key to a path within a volume. 18080 "key": "A String", # The key to project. 18081 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18082 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18083 }, 18084 ], 18085 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18086 "secretName": "A String", # Name of the secret in the container's namespace to use. 18087 }, 18088 }, 18089 ], 18090 }, 18091 }, 18092 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 18093 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 18094 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 18095 "a_key": "A String", 18096 }, 18097 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 18098 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18099 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 18100 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18101 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 18102 "A String", 18103 ], 18104 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 18105 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 18106 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 18107 "a_key": "A String", 18108 }, 18109 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 18110 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 18111 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 18112 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 18113 "apiVersion": "A String", # API version of the referent. 18114 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 18115 "controller": True or False, # If true, this reference points to the managing controller. +optional 18116 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 18117 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 18118 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 18119 }, 18120 ], 18121 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 18122 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 18123 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 18124 }, 18125 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 18126 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 18127 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 18128 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18129 "A String", 18130 ], 18131 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18132 "A String", 18133 ], 18134 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 18135 { # EnvVar represents an environment variable present in a Container. 18136 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 18137 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 18138 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 18139 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 18140 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 18141 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18142 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18143 }, 18144 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 18145 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 18146 }, 18147 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 18148 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 18149 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18150 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18151 }, 18152 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 18153 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 18154 }, 18155 }, 18156 }, 18157 ], 18158 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 18159 { # EnvFromSource represents the source of a set of ConfigMaps 18160 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 18161 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18162 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18163 }, 18164 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 18165 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 18166 }, 18167 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 18168 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 18169 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18170 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18171 }, 18172 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 18173 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 18174 }, 18175 }, 18176 ], 18177 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 18178 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 18179 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 18180 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18181 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18182 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18183 "A String", 18184 ], 18185 }, 18186 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18187 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18188 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18189 { # HTTPHeader describes a custom header to be used in HTTP probes 18190 "name": "A String", # The header field name 18191 "value": "A String", # The header field value 18192 }, 18193 ], 18194 "path": "A String", # Path to access on the HTTP server. +optional 18195 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18196 "intVal": 42, # The int value. 18197 "strVal": "A String", # The string value. 18198 "type": 42, # The type of the value. 18199 }, 18200 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18201 }, 18202 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18203 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18204 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18205 "intVal": 42, # The int value. 18206 "strVal": "A String", # The string value. 18207 "type": 42, # The type of the value. 18208 }, 18209 }, 18210 }, 18211 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18212 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18213 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18214 "A String", 18215 ], 18216 }, 18217 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18218 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18219 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18220 { # HTTPHeader describes a custom header to be used in HTTP probes 18221 "name": "A String", # The header field name 18222 "value": "A String", # The header field value 18223 }, 18224 ], 18225 "path": "A String", # Path to access on the HTTP server. +optional 18226 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18227 "intVal": 42, # The int value. 18228 "strVal": "A String", # The string value. 18229 "type": 42, # The type of the value. 18230 }, 18231 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18232 }, 18233 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18234 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18235 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18236 "intVal": 42, # The int value. 18237 "strVal": "A String", # The string value. 18238 "type": 42, # The type of the value. 18239 }, 18240 }, 18241 }, 18242 }, 18243 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18244 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18245 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18246 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18247 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18248 "A String", 18249 ], 18250 }, 18251 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18252 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18253 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18254 { # HTTPHeader describes a custom header to be used in HTTP probes 18255 "name": "A String", # The header field name 18256 "value": "A String", # The header field value 18257 }, 18258 ], 18259 "path": "A String", # Path to access on the HTTP server. +optional 18260 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18261 "intVal": 42, # The int value. 18262 "strVal": "A String", # The string value. 18263 "type": 42, # The type of the value. 18264 }, 18265 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18266 }, 18267 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18268 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18269 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18270 "intVal": 42, # The int value. 18271 "strVal": "A String", # The string value. 18272 "type": 42, # The type of the value. 18273 }, 18274 }, 18275 }, 18276 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18277 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18278 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18279 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18280 }, 18281 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 18282 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 18283 { # ContainerPort represents a network port in a single container. 18284 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 18285 "hostIP": "A String", # What host IP to bind the external port to. +optional 18286 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 18287 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 18288 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 18289 }, 18290 ], 18291 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18292 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18293 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18294 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18295 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18296 "A String", 18297 ], 18298 }, 18299 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18300 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18301 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18302 { # HTTPHeader describes a custom header to be used in HTTP probes 18303 "name": "A String", # The header field name 18304 "value": "A String", # The header field value 18305 }, 18306 ], 18307 "path": "A String", # Path to access on the HTTP server. +optional 18308 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18309 "intVal": 42, # The int value. 18310 "strVal": "A String", # The string value. 18311 "type": 42, # The type of the value. 18312 }, 18313 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18314 }, 18315 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18316 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18317 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18318 "intVal": 42, # The int value. 18319 "strVal": "A String", # The string value. 18320 "type": 42, # The type of the value. 18321 }, 18322 }, 18323 }, 18324 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18325 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18326 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18327 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18328 }, 18329 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 18330 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18331 "a_key": "A String", 18332 }, 18333 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 18334 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18335 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18336 }, 18337 }, 18338 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18339 "a_key": "A String", 18340 }, 18341 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 18342 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18343 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18344 }, 18345 }, 18346 }, 18347 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 18348 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 18349 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 18350 "add": [ # Added capabilities +optional 18351 "A String", 18352 ], 18353 "drop": [ # Removed capabilities +optional 18354 "A String", 18355 ], 18356 }, 18357 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 18358 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 18359 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18360 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18361 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18362 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18363 "level": "A String", # Level is SELinux level label that applies to the container. +optional 18364 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 18365 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 18366 "user": "A String", # User is a SELinux user label that applies to the container. +optional 18367 }, 18368 }, 18369 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 18370 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 18371 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 18372 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 18373 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 18374 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 18375 { # volumeDevice describes a mapping of a raw block device within a container. 18376 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 18377 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 18378 }, 18379 ], 18380 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 18381 { # VolumeMount describes a mounting of a Volume within a container. 18382 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 18383 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 18384 "name": "A String", # This must match the Name of a Volume. 18385 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 18386 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 18387 }, 18388 ], 18389 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 18390 }, 18391 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 18392 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 18393 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 18394 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18395 "A String", 18396 ], 18397 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18398 "A String", 18399 ], 18400 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 18401 { # EnvVar represents an environment variable present in a Container. 18402 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 18403 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 18404 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 18405 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 18406 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 18407 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18408 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18409 }, 18410 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 18411 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 18412 }, 18413 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 18414 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 18415 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18416 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18417 }, 18418 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 18419 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 18420 }, 18421 }, 18422 }, 18423 ], 18424 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 18425 { # EnvFromSource represents the source of a set of ConfigMaps 18426 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 18427 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18428 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18429 }, 18430 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 18431 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 18432 }, 18433 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 18434 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 18435 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18436 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18437 }, 18438 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 18439 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 18440 }, 18441 }, 18442 ], 18443 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 18444 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 18445 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 18446 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18447 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18448 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18449 "A String", 18450 ], 18451 }, 18452 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18453 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18454 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18455 { # HTTPHeader describes a custom header to be used in HTTP probes 18456 "name": "A String", # The header field name 18457 "value": "A String", # The header field value 18458 }, 18459 ], 18460 "path": "A String", # Path to access on the HTTP server. +optional 18461 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18462 "intVal": 42, # The int value. 18463 "strVal": "A String", # The string value. 18464 "type": 42, # The type of the value. 18465 }, 18466 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18467 }, 18468 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18469 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18470 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18471 "intVal": 42, # The int value. 18472 "strVal": "A String", # The string value. 18473 "type": 42, # The type of the value. 18474 }, 18475 }, 18476 }, 18477 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18478 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18479 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18480 "A String", 18481 ], 18482 }, 18483 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18484 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18485 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18486 { # HTTPHeader describes a custom header to be used in HTTP probes 18487 "name": "A String", # The header field name 18488 "value": "A String", # The header field value 18489 }, 18490 ], 18491 "path": "A String", # Path to access on the HTTP server. +optional 18492 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18493 "intVal": 42, # The int value. 18494 "strVal": "A String", # The string value. 18495 "type": 42, # The type of the value. 18496 }, 18497 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18498 }, 18499 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18500 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18501 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18502 "intVal": 42, # The int value. 18503 "strVal": "A String", # The string value. 18504 "type": 42, # The type of the value. 18505 }, 18506 }, 18507 }, 18508 }, 18509 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18510 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18511 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18512 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18513 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18514 "A String", 18515 ], 18516 }, 18517 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18518 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18519 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18520 { # HTTPHeader describes a custom header to be used in HTTP probes 18521 "name": "A String", # The header field name 18522 "value": "A String", # The header field value 18523 }, 18524 ], 18525 "path": "A String", # Path to access on the HTTP server. +optional 18526 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18527 "intVal": 42, # The int value. 18528 "strVal": "A String", # The string value. 18529 "type": 42, # The type of the value. 18530 }, 18531 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18532 }, 18533 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18534 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18535 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18536 "intVal": 42, # The int value. 18537 "strVal": "A String", # The string value. 18538 "type": 42, # The type of the value. 18539 }, 18540 }, 18541 }, 18542 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18543 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18544 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18545 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18546 }, 18547 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 18548 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 18549 { # ContainerPort represents a network port in a single container. 18550 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 18551 "hostIP": "A String", # What host IP to bind the external port to. +optional 18552 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 18553 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 18554 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 18555 }, 18556 ], 18557 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18558 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18559 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18560 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18561 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18562 "A String", 18563 ], 18564 }, 18565 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18566 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18567 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18568 { # HTTPHeader describes a custom header to be used in HTTP probes 18569 "name": "A String", # The header field name 18570 "value": "A String", # The header field value 18571 }, 18572 ], 18573 "path": "A String", # Path to access on the HTTP server. +optional 18574 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18575 "intVal": 42, # The int value. 18576 "strVal": "A String", # The string value. 18577 "type": 42, # The type of the value. 18578 }, 18579 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18580 }, 18581 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18582 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18583 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18584 "intVal": 42, # The int value. 18585 "strVal": "A String", # The string value. 18586 "type": 42, # The type of the value. 18587 }, 18588 }, 18589 }, 18590 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18591 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18592 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18593 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18594 }, 18595 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 18596 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18597 "a_key": "A String", 18598 }, 18599 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 18600 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18601 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18602 }, 18603 }, 18604 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18605 "a_key": "A String", 18606 }, 18607 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 18608 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18609 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18610 }, 18611 }, 18612 }, 18613 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 18614 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 18615 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 18616 "add": [ # Added capabilities +optional 18617 "A String", 18618 ], 18619 "drop": [ # Removed capabilities +optional 18620 "A String", 18621 ], 18622 }, 18623 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 18624 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 18625 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18626 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18627 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18628 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18629 "level": "A String", # Level is SELinux level label that applies to the container. +optional 18630 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 18631 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 18632 "user": "A String", # User is a SELinux user label that applies to the container. +optional 18633 }, 18634 }, 18635 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 18636 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 18637 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 18638 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 18639 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 18640 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 18641 { # volumeDevice describes a mapping of a raw block device within a container. 18642 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 18643 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 18644 }, 18645 ], 18646 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 18647 { # VolumeMount describes a mounting of a Volume within a container. 18648 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 18649 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 18650 "name": "A String", # This must match the Name of a Volume. 18651 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 18652 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 18653 }, 18654 ], 18655 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 18656 }, 18657 ], 18658 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 18659 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 18660 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 18661 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 18662 "volumes": [ 18663 { # Volume represents a named volume in a container. 18664 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 18665 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18666 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18667 { # Maps a string key to a path within a volume. 18668 "key": "A String", # The key to project. 18669 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18670 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18671 }, 18672 ], 18673 "name": "A String", # Name of the config. 18674 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18675 }, 18676 "name": "A String", # Volume's name. 18677 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 18678 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18679 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18680 { # Maps a string key to a path within a volume. 18681 "key": "A String", # The key to project. 18682 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18683 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18684 }, 18685 ], 18686 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18687 "secretName": "A String", # Name of the secret in the container's namespace to use. 18688 }, 18689 }, 18690 ], 18691 }, 18692 }, 18693 }, 18694 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 18695 }, 18696 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 18697 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 18698 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 18699 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 18700 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 18701 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 18702 "a_key": "A String", 18703 }, 18704 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 18705 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18706 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 18707 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18708 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 18709 "A String", 18710 ], 18711 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 18712 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 18713 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 18714 "a_key": "A String", 18715 }, 18716 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 18717 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 18718 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 18719 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 18720 "apiVersion": "A String", # API version of the referent. 18721 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 18722 "controller": True or False, # If true, this reference points to the managing controller. +optional 18723 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 18724 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 18725 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 18726 }, 18727 ], 18728 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 18729 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 18730 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 18731 }, 18732 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 18733 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 18734 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 18735 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18736 "A String", 18737 ], 18738 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18739 "A String", 18740 ], 18741 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 18742 { # EnvVar represents an environment variable present in a Container. 18743 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 18744 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 18745 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 18746 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 18747 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 18748 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18749 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18750 }, 18751 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 18752 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 18753 }, 18754 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 18755 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 18756 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18757 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18758 }, 18759 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 18760 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 18761 }, 18762 }, 18763 }, 18764 ], 18765 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 18766 { # EnvFromSource represents the source of a set of ConfigMaps 18767 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 18768 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18769 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18770 }, 18771 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 18772 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 18773 }, 18774 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 18775 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 18776 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18777 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18778 }, 18779 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 18780 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 18781 }, 18782 }, 18783 ], 18784 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 18785 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 18786 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 18787 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18788 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18789 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18790 "A String", 18791 ], 18792 }, 18793 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18794 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18795 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18796 { # HTTPHeader describes a custom header to be used in HTTP probes 18797 "name": "A String", # The header field name 18798 "value": "A String", # The header field value 18799 }, 18800 ], 18801 "path": "A String", # Path to access on the HTTP server. +optional 18802 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18803 "intVal": 42, # The int value. 18804 "strVal": "A String", # The string value. 18805 "type": 42, # The type of the value. 18806 }, 18807 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18808 }, 18809 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18810 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18811 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18812 "intVal": 42, # The int value. 18813 "strVal": "A String", # The string value. 18814 "type": 42, # The type of the value. 18815 }, 18816 }, 18817 }, 18818 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18819 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18820 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18821 "A String", 18822 ], 18823 }, 18824 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18825 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18826 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18827 { # HTTPHeader describes a custom header to be used in HTTP probes 18828 "name": "A String", # The header field name 18829 "value": "A String", # The header field value 18830 }, 18831 ], 18832 "path": "A String", # Path to access on the HTTP server. +optional 18833 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18834 "intVal": 42, # The int value. 18835 "strVal": "A String", # The string value. 18836 "type": 42, # The type of the value. 18837 }, 18838 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18839 }, 18840 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18841 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18842 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18843 "intVal": 42, # The int value. 18844 "strVal": "A String", # The string value. 18845 "type": 42, # The type of the value. 18846 }, 18847 }, 18848 }, 18849 }, 18850 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18851 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18852 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18853 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18854 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18855 "A String", 18856 ], 18857 }, 18858 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18859 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18860 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18861 { # HTTPHeader describes a custom header to be used in HTTP probes 18862 "name": "A String", # The header field name 18863 "value": "A String", # The header field value 18864 }, 18865 ], 18866 "path": "A String", # Path to access on the HTTP server. +optional 18867 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18868 "intVal": 42, # The int value. 18869 "strVal": "A String", # The string value. 18870 "type": 42, # The type of the value. 18871 }, 18872 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18873 }, 18874 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18875 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18876 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18877 "intVal": 42, # The int value. 18878 "strVal": "A String", # The string value. 18879 "type": 42, # The type of the value. 18880 }, 18881 }, 18882 }, 18883 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18884 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18885 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18886 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18887 }, 18888 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 18889 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 18890 { # ContainerPort represents a network port in a single container. 18891 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 18892 "hostIP": "A String", # What host IP to bind the external port to. +optional 18893 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 18894 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 18895 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 18896 }, 18897 ], 18898 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18899 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18900 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18901 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18902 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18903 "A String", 18904 ], 18905 }, 18906 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18907 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18908 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18909 { # HTTPHeader describes a custom header to be used in HTTP probes 18910 "name": "A String", # The header field name 18911 "value": "A String", # The header field value 18912 }, 18913 ], 18914 "path": "A String", # Path to access on the HTTP server. +optional 18915 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18916 "intVal": 42, # The int value. 18917 "strVal": "A String", # The string value. 18918 "type": 42, # The type of the value. 18919 }, 18920 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18921 }, 18922 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18923 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18924 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18925 "intVal": 42, # The int value. 18926 "strVal": "A String", # The string value. 18927 "type": 42, # The type of the value. 18928 }, 18929 }, 18930 }, 18931 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18932 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18933 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18934 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18935 }, 18936 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 18937 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18938 "a_key": "A String", 18939 }, 18940 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 18941 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18942 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18943 }, 18944 }, 18945 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18946 "a_key": "A String", 18947 }, 18948 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 18949 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18950 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18951 }, 18952 }, 18953 }, 18954 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 18955 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 18956 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 18957 "add": [ # Added capabilities +optional 18958 "A String", 18959 ], 18960 "drop": [ # Removed capabilities +optional 18961 "A String", 18962 ], 18963 }, 18964 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 18965 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 18966 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18967 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18968 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18969 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18970 "level": "A String", # Level is SELinux level label that applies to the container. +optional 18971 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 18972 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 18973 "user": "A String", # User is a SELinux user label that applies to the container. +optional 18974 }, 18975 }, 18976 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 18977 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 18978 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 18979 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 18980 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 18981 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 18982 { # volumeDevice describes a mapping of a raw block device within a container. 18983 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 18984 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 18985 }, 18986 ], 18987 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 18988 { # VolumeMount describes a mounting of a Volume within a container. 18989 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 18990 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 18991 "name": "A String", # This must match the Name of a Volume. 18992 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 18993 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 18994 }, 18995 ], 18996 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 18997 }, 18998 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 18999 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 19000 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 19001 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19002 "A String", 19003 ], 19004 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19005 "A String", 19006 ], 19007 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 19008 { # EnvVar represents an environment variable present in a Container. 19009 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 19010 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 19011 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 19012 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 19013 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 19014 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19015 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19016 }, 19017 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 19018 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 19019 }, 19020 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 19021 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 19022 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19023 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19024 }, 19025 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 19026 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 19027 }, 19028 }, 19029 }, 19030 ], 19031 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 19032 { # EnvFromSource represents the source of a set of ConfigMaps 19033 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 19034 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19035 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19036 }, 19037 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 19038 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 19039 }, 19040 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 19041 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 19042 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19043 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19044 }, 19045 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 19046 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 19047 }, 19048 }, 19049 ], 19050 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19051 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 19052 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 19053 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19054 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19055 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19056 "A String", 19057 ], 19058 }, 19059 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19060 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19061 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19062 { # HTTPHeader describes a custom header to be used in HTTP probes 19063 "name": "A String", # The header field name 19064 "value": "A String", # The header field value 19065 }, 19066 ], 19067 "path": "A String", # Path to access on the HTTP server. +optional 19068 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19069 "intVal": 42, # The int value. 19070 "strVal": "A String", # The string value. 19071 "type": 42, # The type of the value. 19072 }, 19073 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19074 }, 19075 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19076 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19077 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19078 "intVal": 42, # The int value. 19079 "strVal": "A String", # The string value. 19080 "type": 42, # The type of the value. 19081 }, 19082 }, 19083 }, 19084 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19085 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19086 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19087 "A String", 19088 ], 19089 }, 19090 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19091 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19092 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19093 { # HTTPHeader describes a custom header to be used in HTTP probes 19094 "name": "A String", # The header field name 19095 "value": "A String", # The header field value 19096 }, 19097 ], 19098 "path": "A String", # Path to access on the HTTP server. +optional 19099 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19100 "intVal": 42, # The int value. 19101 "strVal": "A String", # The string value. 19102 "type": 42, # The type of the value. 19103 }, 19104 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19105 }, 19106 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19107 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19108 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19109 "intVal": 42, # The int value. 19110 "strVal": "A String", # The string value. 19111 "type": 42, # The type of the value. 19112 }, 19113 }, 19114 }, 19115 }, 19116 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19117 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19118 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19119 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19120 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19121 "A String", 19122 ], 19123 }, 19124 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19125 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19126 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19127 { # HTTPHeader describes a custom header to be used in HTTP probes 19128 "name": "A String", # The header field name 19129 "value": "A String", # The header field value 19130 }, 19131 ], 19132 "path": "A String", # Path to access on the HTTP server. +optional 19133 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19134 "intVal": 42, # The int value. 19135 "strVal": "A String", # The string value. 19136 "type": 42, # The type of the value. 19137 }, 19138 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19139 }, 19140 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19141 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19142 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19143 "intVal": 42, # The int value. 19144 "strVal": "A String", # The string value. 19145 "type": 42, # The type of the value. 19146 }, 19147 }, 19148 }, 19149 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19150 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19151 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19152 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19153 }, 19154 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 19155 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 19156 { # ContainerPort represents a network port in a single container. 19157 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 19158 "hostIP": "A String", # What host IP to bind the external port to. +optional 19159 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 19160 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 19161 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 19162 }, 19163 ], 19164 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19165 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19166 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19167 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19168 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19169 "A String", 19170 ], 19171 }, 19172 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19173 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19174 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19175 { # HTTPHeader describes a custom header to be used in HTTP probes 19176 "name": "A String", # The header field name 19177 "value": "A String", # The header field value 19178 }, 19179 ], 19180 "path": "A String", # Path to access on the HTTP server. +optional 19181 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19182 "intVal": 42, # The int value. 19183 "strVal": "A String", # The string value. 19184 "type": 42, # The type of the value. 19185 }, 19186 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19187 }, 19188 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19189 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19190 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19191 "intVal": 42, # The int value. 19192 "strVal": "A String", # The string value. 19193 "type": 42, # The type of the value. 19194 }, 19195 }, 19196 }, 19197 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19198 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19199 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19200 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19201 }, 19202 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 19203 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19204 "a_key": "A String", 19205 }, 19206 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 19207 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19208 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19209 }, 19210 }, 19211 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19212 "a_key": "A String", 19213 }, 19214 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 19215 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19216 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19217 }, 19218 }, 19219 }, 19220 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 19221 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 19222 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 19223 "add": [ # Added capabilities +optional 19224 "A String", 19225 ], 19226 "drop": [ # Removed capabilities +optional 19227 "A String", 19228 ], 19229 }, 19230 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 19231 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 19232 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19233 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19234 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19235 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19236 "level": "A String", # Level is SELinux level label that applies to the container. +optional 19237 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 19238 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 19239 "user": "A String", # User is a SELinux user label that applies to the container. +optional 19240 }, 19241 }, 19242 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 19243 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 19244 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 19245 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 19246 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 19247 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 19248 { # volumeDevice describes a mapping of a raw block device within a container. 19249 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 19250 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 19251 }, 19252 ], 19253 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 19254 { # VolumeMount describes a mounting of a Volume within a container. 19255 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 19256 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 19257 "name": "A String", # This must match the Name of a Volume. 19258 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 19259 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 19260 }, 19261 ], 19262 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 19263 }, 19264 ], 19265 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 19266 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 19267 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 19268 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 19269 "volumes": [ 19270 { # Volume represents a named volume in a container. 19271 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 19272 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19273 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19274 { # Maps a string key to a path within a volume. 19275 "key": "A String", # The key to project. 19276 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19277 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19278 }, 19279 ], 19280 "name": "A String", # Name of the config. 19281 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19282 }, 19283 "name": "A String", # Volume's name. 19284 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 19285 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19286 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19287 { # Maps a string key to a path within a volume. 19288 "key": "A String", # The key to project. 19289 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19290 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19291 }, 19292 ], 19293 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19294 "secretName": "A String", # Name of the secret in the container's namespace to use. 19295 }, 19296 }, 19297 ], 19298 }, 19299 }, 19300 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 19301 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 19302 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 19303 "a_key": "A String", 19304 }, 19305 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 19306 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19307 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 19308 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19309 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 19310 "A String", 19311 ], 19312 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 19313 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 19314 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 19315 "a_key": "A String", 19316 }, 19317 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 19318 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 19319 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 19320 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 19321 "apiVersion": "A String", # API version of the referent. 19322 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 19323 "controller": True or False, # If true, this reference points to the managing controller. +optional 19324 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 19325 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 19326 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 19327 }, 19328 ], 19329 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 19330 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 19331 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 19332 }, 19333 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 19334 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 19335 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 19336 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19337 "A String", 19338 ], 19339 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19340 "A String", 19341 ], 19342 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 19343 { # EnvVar represents an environment variable present in a Container. 19344 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 19345 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 19346 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 19347 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 19348 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 19349 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19350 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19351 }, 19352 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 19353 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 19354 }, 19355 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 19356 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 19357 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19358 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19359 }, 19360 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 19361 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 19362 }, 19363 }, 19364 }, 19365 ], 19366 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 19367 { # EnvFromSource represents the source of a set of ConfigMaps 19368 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 19369 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19370 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19371 }, 19372 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 19373 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 19374 }, 19375 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 19376 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 19377 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19378 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19379 }, 19380 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 19381 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 19382 }, 19383 }, 19384 ], 19385 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19386 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 19387 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 19388 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19389 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19390 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19391 "A String", 19392 ], 19393 }, 19394 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19395 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19396 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19397 { # HTTPHeader describes a custom header to be used in HTTP probes 19398 "name": "A String", # The header field name 19399 "value": "A String", # The header field value 19400 }, 19401 ], 19402 "path": "A String", # Path to access on the HTTP server. +optional 19403 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19404 "intVal": 42, # The int value. 19405 "strVal": "A String", # The string value. 19406 "type": 42, # The type of the value. 19407 }, 19408 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19409 }, 19410 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19411 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19412 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19413 "intVal": 42, # The int value. 19414 "strVal": "A String", # The string value. 19415 "type": 42, # The type of the value. 19416 }, 19417 }, 19418 }, 19419 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19420 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19421 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19422 "A String", 19423 ], 19424 }, 19425 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19426 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19427 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19428 { # HTTPHeader describes a custom header to be used in HTTP probes 19429 "name": "A String", # The header field name 19430 "value": "A String", # The header field value 19431 }, 19432 ], 19433 "path": "A String", # Path to access on the HTTP server. +optional 19434 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19435 "intVal": 42, # The int value. 19436 "strVal": "A String", # The string value. 19437 "type": 42, # The type of the value. 19438 }, 19439 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19440 }, 19441 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19442 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19443 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19444 "intVal": 42, # The int value. 19445 "strVal": "A String", # The string value. 19446 "type": 42, # The type of the value. 19447 }, 19448 }, 19449 }, 19450 }, 19451 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19452 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19453 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19454 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19455 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19456 "A String", 19457 ], 19458 }, 19459 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19460 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19461 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19462 { # HTTPHeader describes a custom header to be used in HTTP probes 19463 "name": "A String", # The header field name 19464 "value": "A String", # The header field value 19465 }, 19466 ], 19467 "path": "A String", # Path to access on the HTTP server. +optional 19468 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19469 "intVal": 42, # The int value. 19470 "strVal": "A String", # The string value. 19471 "type": 42, # The type of the value. 19472 }, 19473 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19474 }, 19475 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19476 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19477 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19478 "intVal": 42, # The int value. 19479 "strVal": "A String", # The string value. 19480 "type": 42, # The type of the value. 19481 }, 19482 }, 19483 }, 19484 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19485 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19486 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19487 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19488 }, 19489 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 19490 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 19491 { # ContainerPort represents a network port in a single container. 19492 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 19493 "hostIP": "A String", # What host IP to bind the external port to. +optional 19494 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 19495 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 19496 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 19497 }, 19498 ], 19499 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19500 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19501 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19502 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19503 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19504 "A String", 19505 ], 19506 }, 19507 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19508 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19509 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19510 { # HTTPHeader describes a custom header to be used in HTTP probes 19511 "name": "A String", # The header field name 19512 "value": "A String", # The header field value 19513 }, 19514 ], 19515 "path": "A String", # Path to access on the HTTP server. +optional 19516 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19517 "intVal": 42, # The int value. 19518 "strVal": "A String", # The string value. 19519 "type": 42, # The type of the value. 19520 }, 19521 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19522 }, 19523 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19524 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19525 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19526 "intVal": 42, # The int value. 19527 "strVal": "A String", # The string value. 19528 "type": 42, # The type of the value. 19529 }, 19530 }, 19531 }, 19532 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19533 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19534 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19535 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19536 }, 19537 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 19538 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19539 "a_key": "A String", 19540 }, 19541 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 19542 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19543 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19544 }, 19545 }, 19546 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19547 "a_key": "A String", 19548 }, 19549 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 19550 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19551 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19552 }, 19553 }, 19554 }, 19555 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 19556 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 19557 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 19558 "add": [ # Added capabilities +optional 19559 "A String", 19560 ], 19561 "drop": [ # Removed capabilities +optional 19562 "A String", 19563 ], 19564 }, 19565 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 19566 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 19567 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19568 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19569 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19570 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19571 "level": "A String", # Level is SELinux level label that applies to the container. +optional 19572 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 19573 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 19574 "user": "A String", # User is a SELinux user label that applies to the container. +optional 19575 }, 19576 }, 19577 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 19578 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 19579 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 19580 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 19581 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 19582 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 19583 { # volumeDevice describes a mapping of a raw block device within a container. 19584 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 19585 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 19586 }, 19587 ], 19588 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 19589 { # VolumeMount describes a mounting of a Volume within a container. 19590 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 19591 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 19592 "name": "A String", # This must match the Name of a Volume. 19593 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 19594 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 19595 }, 19596 ], 19597 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 19598 }, 19599 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 19600 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 19601 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 19602 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19603 "A String", 19604 ], 19605 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19606 "A String", 19607 ], 19608 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 19609 { # EnvVar represents an environment variable present in a Container. 19610 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 19611 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 19612 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 19613 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 19614 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 19615 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19616 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19617 }, 19618 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 19619 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 19620 }, 19621 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 19622 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 19623 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19624 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19625 }, 19626 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 19627 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 19628 }, 19629 }, 19630 }, 19631 ], 19632 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 19633 { # EnvFromSource represents the source of a set of ConfigMaps 19634 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 19635 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19636 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19637 }, 19638 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 19639 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 19640 }, 19641 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 19642 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 19643 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19644 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19645 }, 19646 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 19647 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 19648 }, 19649 }, 19650 ], 19651 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19652 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 19653 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 19654 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19655 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19656 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19657 "A String", 19658 ], 19659 }, 19660 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19661 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19662 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19663 { # HTTPHeader describes a custom header to be used in HTTP probes 19664 "name": "A String", # The header field name 19665 "value": "A String", # The header field value 19666 }, 19667 ], 19668 "path": "A String", # Path to access on the HTTP server. +optional 19669 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19670 "intVal": 42, # The int value. 19671 "strVal": "A String", # The string value. 19672 "type": 42, # The type of the value. 19673 }, 19674 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19675 }, 19676 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19677 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19678 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19679 "intVal": 42, # The int value. 19680 "strVal": "A String", # The string value. 19681 "type": 42, # The type of the value. 19682 }, 19683 }, 19684 }, 19685 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19686 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19687 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19688 "A String", 19689 ], 19690 }, 19691 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19692 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19693 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19694 { # HTTPHeader describes a custom header to be used in HTTP probes 19695 "name": "A String", # The header field name 19696 "value": "A String", # The header field value 19697 }, 19698 ], 19699 "path": "A String", # Path to access on the HTTP server. +optional 19700 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19701 "intVal": 42, # The int value. 19702 "strVal": "A String", # The string value. 19703 "type": 42, # The type of the value. 19704 }, 19705 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19706 }, 19707 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19708 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19709 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19710 "intVal": 42, # The int value. 19711 "strVal": "A String", # The string value. 19712 "type": 42, # The type of the value. 19713 }, 19714 }, 19715 }, 19716 }, 19717 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19718 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19719 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19720 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19721 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19722 "A String", 19723 ], 19724 }, 19725 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19726 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19727 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19728 { # HTTPHeader describes a custom header to be used in HTTP probes 19729 "name": "A String", # The header field name 19730 "value": "A String", # The header field value 19731 }, 19732 ], 19733 "path": "A String", # Path to access on the HTTP server. +optional 19734 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19735 "intVal": 42, # The int value. 19736 "strVal": "A String", # The string value. 19737 "type": 42, # The type of the value. 19738 }, 19739 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19740 }, 19741 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19742 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19743 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19744 "intVal": 42, # The int value. 19745 "strVal": "A String", # The string value. 19746 "type": 42, # The type of the value. 19747 }, 19748 }, 19749 }, 19750 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19751 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19752 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19753 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19754 }, 19755 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 19756 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 19757 { # ContainerPort represents a network port in a single container. 19758 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 19759 "hostIP": "A String", # What host IP to bind the external port to. +optional 19760 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 19761 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 19762 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 19763 }, 19764 ], 19765 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19766 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19767 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19768 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19769 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19770 "A String", 19771 ], 19772 }, 19773 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19774 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19775 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19776 { # HTTPHeader describes a custom header to be used in HTTP probes 19777 "name": "A String", # The header field name 19778 "value": "A String", # The header field value 19779 }, 19780 ], 19781 "path": "A String", # Path to access on the HTTP server. +optional 19782 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19783 "intVal": 42, # The int value. 19784 "strVal": "A String", # The string value. 19785 "type": 42, # The type of the value. 19786 }, 19787 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19788 }, 19789 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19790 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19791 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19792 "intVal": 42, # The int value. 19793 "strVal": "A String", # The string value. 19794 "type": 42, # The type of the value. 19795 }, 19796 }, 19797 }, 19798 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19799 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19800 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19801 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19802 }, 19803 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 19804 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19805 "a_key": "A String", 19806 }, 19807 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 19808 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19809 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19810 }, 19811 }, 19812 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19813 "a_key": "A String", 19814 }, 19815 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 19816 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19817 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19818 }, 19819 }, 19820 }, 19821 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 19822 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 19823 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 19824 "add": [ # Added capabilities +optional 19825 "A String", 19826 ], 19827 "drop": [ # Removed capabilities +optional 19828 "A String", 19829 ], 19830 }, 19831 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 19832 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 19833 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19834 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19835 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19836 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19837 "level": "A String", # Level is SELinux level label that applies to the container. +optional 19838 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 19839 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 19840 "user": "A String", # User is a SELinux user label that applies to the container. +optional 19841 }, 19842 }, 19843 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 19844 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 19845 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 19846 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 19847 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 19848 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 19849 { # volumeDevice describes a mapping of a raw block device within a container. 19850 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 19851 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 19852 }, 19853 ], 19854 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 19855 { # VolumeMount describes a mounting of a Volume within a container. 19856 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 19857 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 19858 "name": "A String", # This must match the Name of a Volume. 19859 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 19860 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 19861 }, 19862 ], 19863 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 19864 }, 19865 ], 19866 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 19867 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 19868 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 19869 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 19870 "volumes": [ 19871 { # Volume represents a named volume in a container. 19872 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 19873 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19874 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19875 { # Maps a string key to a path within a volume. 19876 "key": "A String", # The key to project. 19877 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19878 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19879 }, 19880 ], 19881 "name": "A String", # Name of the config. 19882 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19883 }, 19884 "name": "A String", # Volume's name. 19885 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 19886 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19887 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19888 { # Maps a string key to a path within a volume. 19889 "key": "A String", # The key to project. 19890 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19891 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19892 }, 19893 ], 19894 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19895 "secretName": "A String", # Name of the secret in the container's namespace to use. 19896 }, 19897 }, 19898 ], 19899 }, 19900 }, 19901 }, 19902 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 19903 "A String", 19904 ], 19905 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 19906 }, 19907 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 19908 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 19909 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 19910 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 19911 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 19912 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 19913 "a_key": "A String", 19914 }, 19915 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 19916 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19917 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 19918 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19919 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 19920 "A String", 19921 ], 19922 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 19923 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 19924 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 19925 "a_key": "A String", 19926 }, 19927 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 19928 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 19929 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 19930 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 19931 "apiVersion": "A String", # API version of the referent. 19932 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 19933 "controller": True or False, # If true, this reference points to the managing controller. +optional 19934 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 19935 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 19936 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 19937 }, 19938 ], 19939 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 19940 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 19941 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 19942 }, 19943 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 19944 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 19945 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 19946 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19947 "A String", 19948 ], 19949 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19950 "A String", 19951 ], 19952 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 19953 { # EnvVar represents an environment variable present in a Container. 19954 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 19955 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 19956 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 19957 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 19958 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 19959 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19960 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19961 }, 19962 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 19963 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 19964 }, 19965 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 19966 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 19967 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19968 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19969 }, 19970 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 19971 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 19972 }, 19973 }, 19974 }, 19975 ], 19976 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 19977 { # EnvFromSource represents the source of a set of ConfigMaps 19978 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 19979 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19980 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19981 }, 19982 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 19983 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 19984 }, 19985 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 19986 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 19987 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19988 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19989 }, 19990 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 19991 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 19992 }, 19993 }, 19994 ], 19995 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19996 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 19997 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 19998 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19999 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20000 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20001 "A String", 20002 ], 20003 }, 20004 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20005 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20006 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20007 { # HTTPHeader describes a custom header to be used in HTTP probes 20008 "name": "A String", # The header field name 20009 "value": "A String", # The header field value 20010 }, 20011 ], 20012 "path": "A String", # Path to access on the HTTP server. +optional 20013 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20014 "intVal": 42, # The int value. 20015 "strVal": "A String", # The string value. 20016 "type": 42, # The type of the value. 20017 }, 20018 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20019 }, 20020 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20021 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20022 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20023 "intVal": 42, # The int value. 20024 "strVal": "A String", # The string value. 20025 "type": 42, # The type of the value. 20026 }, 20027 }, 20028 }, 20029 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20030 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20031 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20032 "A String", 20033 ], 20034 }, 20035 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20036 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20037 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20038 { # HTTPHeader describes a custom header to be used in HTTP probes 20039 "name": "A String", # The header field name 20040 "value": "A String", # The header field value 20041 }, 20042 ], 20043 "path": "A String", # Path to access on the HTTP server. +optional 20044 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20045 "intVal": 42, # The int value. 20046 "strVal": "A String", # The string value. 20047 "type": 42, # The type of the value. 20048 }, 20049 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20050 }, 20051 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20052 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20053 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20054 "intVal": 42, # The int value. 20055 "strVal": "A String", # The string value. 20056 "type": 42, # The type of the value. 20057 }, 20058 }, 20059 }, 20060 }, 20061 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20062 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20063 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20064 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20065 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20066 "A String", 20067 ], 20068 }, 20069 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20070 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20071 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20072 { # HTTPHeader describes a custom header to be used in HTTP probes 20073 "name": "A String", # The header field name 20074 "value": "A String", # The header field value 20075 }, 20076 ], 20077 "path": "A String", # Path to access on the HTTP server. +optional 20078 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20079 "intVal": 42, # The int value. 20080 "strVal": "A String", # The string value. 20081 "type": 42, # The type of the value. 20082 }, 20083 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20084 }, 20085 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20086 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20087 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20088 "intVal": 42, # The int value. 20089 "strVal": "A String", # The string value. 20090 "type": 42, # The type of the value. 20091 }, 20092 }, 20093 }, 20094 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20095 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20096 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20097 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20098 }, 20099 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 20100 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 20101 { # ContainerPort represents a network port in a single container. 20102 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 20103 "hostIP": "A String", # What host IP to bind the external port to. +optional 20104 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 20105 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 20106 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 20107 }, 20108 ], 20109 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20110 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20111 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20112 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20113 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20114 "A String", 20115 ], 20116 }, 20117 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20118 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20119 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20120 { # HTTPHeader describes a custom header to be used in HTTP probes 20121 "name": "A String", # The header field name 20122 "value": "A String", # The header field value 20123 }, 20124 ], 20125 "path": "A String", # Path to access on the HTTP server. +optional 20126 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20127 "intVal": 42, # The int value. 20128 "strVal": "A String", # The string value. 20129 "type": 42, # The type of the value. 20130 }, 20131 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20132 }, 20133 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20134 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20135 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20136 "intVal": 42, # The int value. 20137 "strVal": "A String", # The string value. 20138 "type": 42, # The type of the value. 20139 }, 20140 }, 20141 }, 20142 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20143 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20144 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20145 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20146 }, 20147 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 20148 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20149 "a_key": "A String", 20150 }, 20151 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 20152 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20153 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20154 }, 20155 }, 20156 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20157 "a_key": "A String", 20158 }, 20159 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 20160 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20161 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20162 }, 20163 }, 20164 }, 20165 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 20166 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 20167 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 20168 "add": [ # Added capabilities +optional 20169 "A String", 20170 ], 20171 "drop": [ # Removed capabilities +optional 20172 "A String", 20173 ], 20174 }, 20175 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 20176 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 20177 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20178 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20179 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20180 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20181 "level": "A String", # Level is SELinux level label that applies to the container. +optional 20182 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 20183 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 20184 "user": "A String", # User is a SELinux user label that applies to the container. +optional 20185 }, 20186 }, 20187 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 20188 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 20189 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 20190 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 20191 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 20192 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 20193 { # volumeDevice describes a mapping of a raw block device within a container. 20194 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 20195 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 20196 }, 20197 ], 20198 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 20199 { # VolumeMount describes a mounting of a Volume within a container. 20200 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 20201 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 20202 "name": "A String", # This must match the Name of a Volume. 20203 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 20204 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 20205 }, 20206 ], 20207 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 20208 }, 20209 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 20210 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 20211 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 20212 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20213 "A String", 20214 ], 20215 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20216 "A String", 20217 ], 20218 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 20219 { # EnvVar represents an environment variable present in a Container. 20220 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 20221 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 20222 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 20223 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 20224 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 20225 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20226 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20227 }, 20228 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 20229 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 20230 }, 20231 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 20232 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 20233 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20234 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20235 }, 20236 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 20237 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 20238 }, 20239 }, 20240 }, 20241 ], 20242 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 20243 { # EnvFromSource represents the source of a set of ConfigMaps 20244 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 20245 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20246 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20247 }, 20248 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 20249 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 20250 }, 20251 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 20252 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 20253 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20254 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20255 }, 20256 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 20257 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 20258 }, 20259 }, 20260 ], 20261 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20262 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 20263 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 20264 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20265 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20266 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20267 "A String", 20268 ], 20269 }, 20270 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20271 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20272 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20273 { # HTTPHeader describes a custom header to be used in HTTP probes 20274 "name": "A String", # The header field name 20275 "value": "A String", # The header field value 20276 }, 20277 ], 20278 "path": "A String", # Path to access on the HTTP server. +optional 20279 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20280 "intVal": 42, # The int value. 20281 "strVal": "A String", # The string value. 20282 "type": 42, # The type of the value. 20283 }, 20284 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20285 }, 20286 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20287 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20288 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20289 "intVal": 42, # The int value. 20290 "strVal": "A String", # The string value. 20291 "type": 42, # The type of the value. 20292 }, 20293 }, 20294 }, 20295 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20296 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20297 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20298 "A String", 20299 ], 20300 }, 20301 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20302 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20303 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20304 { # HTTPHeader describes a custom header to be used in HTTP probes 20305 "name": "A String", # The header field name 20306 "value": "A String", # The header field value 20307 }, 20308 ], 20309 "path": "A String", # Path to access on the HTTP server. +optional 20310 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20311 "intVal": 42, # The int value. 20312 "strVal": "A String", # The string value. 20313 "type": 42, # The type of the value. 20314 }, 20315 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20316 }, 20317 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20318 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20319 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20320 "intVal": 42, # The int value. 20321 "strVal": "A String", # The string value. 20322 "type": 42, # The type of the value. 20323 }, 20324 }, 20325 }, 20326 }, 20327 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20328 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20329 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20330 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20331 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20332 "A String", 20333 ], 20334 }, 20335 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20336 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20337 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20338 { # HTTPHeader describes a custom header to be used in HTTP probes 20339 "name": "A String", # The header field name 20340 "value": "A String", # The header field value 20341 }, 20342 ], 20343 "path": "A String", # Path to access on the HTTP server. +optional 20344 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20345 "intVal": 42, # The int value. 20346 "strVal": "A String", # The string value. 20347 "type": 42, # The type of the value. 20348 }, 20349 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20350 }, 20351 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20352 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20353 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20354 "intVal": 42, # The int value. 20355 "strVal": "A String", # The string value. 20356 "type": 42, # The type of the value. 20357 }, 20358 }, 20359 }, 20360 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20361 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20362 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20363 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20364 }, 20365 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 20366 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 20367 { # ContainerPort represents a network port in a single container. 20368 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 20369 "hostIP": "A String", # What host IP to bind the external port to. +optional 20370 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 20371 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 20372 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 20373 }, 20374 ], 20375 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20376 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20377 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20378 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20379 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20380 "A String", 20381 ], 20382 }, 20383 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20384 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20385 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20386 { # HTTPHeader describes a custom header to be used in HTTP probes 20387 "name": "A String", # The header field name 20388 "value": "A String", # The header field value 20389 }, 20390 ], 20391 "path": "A String", # Path to access on the HTTP server. +optional 20392 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20393 "intVal": 42, # The int value. 20394 "strVal": "A String", # The string value. 20395 "type": 42, # The type of the value. 20396 }, 20397 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20398 }, 20399 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20400 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20401 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20402 "intVal": 42, # The int value. 20403 "strVal": "A String", # The string value. 20404 "type": 42, # The type of the value. 20405 }, 20406 }, 20407 }, 20408 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20409 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20410 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20411 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20412 }, 20413 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 20414 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20415 "a_key": "A String", 20416 }, 20417 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 20418 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20419 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20420 }, 20421 }, 20422 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20423 "a_key": "A String", 20424 }, 20425 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 20426 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20427 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20428 }, 20429 }, 20430 }, 20431 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 20432 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 20433 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 20434 "add": [ # Added capabilities +optional 20435 "A String", 20436 ], 20437 "drop": [ # Removed capabilities +optional 20438 "A String", 20439 ], 20440 }, 20441 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 20442 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 20443 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20444 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20445 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20446 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20447 "level": "A String", # Level is SELinux level label that applies to the container. +optional 20448 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 20449 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 20450 "user": "A String", # User is a SELinux user label that applies to the container. +optional 20451 }, 20452 }, 20453 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 20454 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 20455 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 20456 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 20457 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 20458 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 20459 { # volumeDevice describes a mapping of a raw block device within a container. 20460 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 20461 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 20462 }, 20463 ], 20464 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 20465 { # VolumeMount describes a mounting of a Volume within a container. 20466 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 20467 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 20468 "name": "A String", # This must match the Name of a Volume. 20469 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 20470 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 20471 }, 20472 ], 20473 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 20474 }, 20475 ], 20476 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 20477 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 20478 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 20479 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 20480 "volumes": [ 20481 { # Volume represents a named volume in a container. 20482 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 20483 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 20484 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 20485 { # Maps a string key to a path within a volume. 20486 "key": "A String", # The key to project. 20487 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 20488 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 20489 }, 20490 ], 20491 "name": "A String", # Name of the config. 20492 "optional": True or False, # Specify whether the Secret or its keys must be defined. 20493 }, 20494 "name": "A String", # Volume's name. 20495 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 20496 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 20497 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 20498 { # Maps a string key to a path within a volume. 20499 "key": "A String", # The key to project. 20500 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 20501 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 20502 }, 20503 ], 20504 "optional": True or False, # Specify whether the Secret or its keys must be defined. 20505 "secretName": "A String", # Name of the secret in the container's namespace to use. 20506 }, 20507 }, 20508 ], 20509 }, 20510 }, 20511 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 20512 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 20513 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 20514 "a_key": "A String", 20515 }, 20516 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 20517 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 20518 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 20519 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 20520 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 20521 "A String", 20522 ], 20523 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 20524 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 20525 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 20526 "a_key": "A String", 20527 }, 20528 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 20529 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 20530 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 20531 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 20532 "apiVersion": "A String", # API version of the referent. 20533 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 20534 "controller": True or False, # If true, this reference points to the managing controller. +optional 20535 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 20536 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 20537 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 20538 }, 20539 ], 20540 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 20541 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 20542 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 20543 }, 20544 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 20545 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 20546 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 20547 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20548 "A String", 20549 ], 20550 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20551 "A String", 20552 ], 20553 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 20554 { # EnvVar represents an environment variable present in a Container. 20555 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 20556 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 20557 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 20558 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 20559 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 20560 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20561 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20562 }, 20563 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 20564 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 20565 }, 20566 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 20567 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 20568 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20569 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20570 }, 20571 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 20572 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 20573 }, 20574 }, 20575 }, 20576 ], 20577 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 20578 { # EnvFromSource represents the source of a set of ConfigMaps 20579 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 20580 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20581 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20582 }, 20583 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 20584 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 20585 }, 20586 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 20587 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 20588 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20589 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20590 }, 20591 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 20592 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 20593 }, 20594 }, 20595 ], 20596 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20597 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 20598 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 20599 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20600 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20601 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20602 "A String", 20603 ], 20604 }, 20605 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20606 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20607 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20608 { # HTTPHeader describes a custom header to be used in HTTP probes 20609 "name": "A String", # The header field name 20610 "value": "A String", # The header field value 20611 }, 20612 ], 20613 "path": "A String", # Path to access on the HTTP server. +optional 20614 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20615 "intVal": 42, # The int value. 20616 "strVal": "A String", # The string value. 20617 "type": 42, # The type of the value. 20618 }, 20619 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20620 }, 20621 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20622 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20623 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20624 "intVal": 42, # The int value. 20625 "strVal": "A String", # The string value. 20626 "type": 42, # The type of the value. 20627 }, 20628 }, 20629 }, 20630 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20631 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20632 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20633 "A String", 20634 ], 20635 }, 20636 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20637 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20638 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20639 { # HTTPHeader describes a custom header to be used in HTTP probes 20640 "name": "A String", # The header field name 20641 "value": "A String", # The header field value 20642 }, 20643 ], 20644 "path": "A String", # Path to access on the HTTP server. +optional 20645 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20646 "intVal": 42, # The int value. 20647 "strVal": "A String", # The string value. 20648 "type": 42, # The type of the value. 20649 }, 20650 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20651 }, 20652 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20653 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20654 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20655 "intVal": 42, # The int value. 20656 "strVal": "A String", # The string value. 20657 "type": 42, # The type of the value. 20658 }, 20659 }, 20660 }, 20661 }, 20662 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20663 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20664 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20665 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20666 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20667 "A String", 20668 ], 20669 }, 20670 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20671 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20672 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20673 { # HTTPHeader describes a custom header to be used in HTTP probes 20674 "name": "A String", # The header field name 20675 "value": "A String", # The header field value 20676 }, 20677 ], 20678 "path": "A String", # Path to access on the HTTP server. +optional 20679 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20680 "intVal": 42, # The int value. 20681 "strVal": "A String", # The string value. 20682 "type": 42, # The type of the value. 20683 }, 20684 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20685 }, 20686 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20687 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20688 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20689 "intVal": 42, # The int value. 20690 "strVal": "A String", # The string value. 20691 "type": 42, # The type of the value. 20692 }, 20693 }, 20694 }, 20695 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20696 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20697 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20698 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20699 }, 20700 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 20701 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 20702 { # ContainerPort represents a network port in a single container. 20703 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 20704 "hostIP": "A String", # What host IP to bind the external port to. +optional 20705 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 20706 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 20707 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 20708 }, 20709 ], 20710 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20711 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20712 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20713 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20714 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20715 "A String", 20716 ], 20717 }, 20718 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20719 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20720 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20721 { # HTTPHeader describes a custom header to be used in HTTP probes 20722 "name": "A String", # The header field name 20723 "value": "A String", # The header field value 20724 }, 20725 ], 20726 "path": "A String", # Path to access on the HTTP server. +optional 20727 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20728 "intVal": 42, # The int value. 20729 "strVal": "A String", # The string value. 20730 "type": 42, # The type of the value. 20731 }, 20732 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20733 }, 20734 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20735 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20736 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20737 "intVal": 42, # The int value. 20738 "strVal": "A String", # The string value. 20739 "type": 42, # The type of the value. 20740 }, 20741 }, 20742 }, 20743 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20744 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20745 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20746 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20747 }, 20748 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 20749 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20750 "a_key": "A String", 20751 }, 20752 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 20753 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20754 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20755 }, 20756 }, 20757 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20758 "a_key": "A String", 20759 }, 20760 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 20761 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20762 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20763 }, 20764 }, 20765 }, 20766 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 20767 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 20768 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 20769 "add": [ # Added capabilities +optional 20770 "A String", 20771 ], 20772 "drop": [ # Removed capabilities +optional 20773 "A String", 20774 ], 20775 }, 20776 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 20777 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 20778 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20779 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20780 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20781 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20782 "level": "A String", # Level is SELinux level label that applies to the container. +optional 20783 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 20784 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 20785 "user": "A String", # User is a SELinux user label that applies to the container. +optional 20786 }, 20787 }, 20788 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 20789 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 20790 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 20791 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 20792 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 20793 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 20794 { # volumeDevice describes a mapping of a raw block device within a container. 20795 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 20796 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 20797 }, 20798 ], 20799 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 20800 { # VolumeMount describes a mounting of a Volume within a container. 20801 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 20802 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 20803 "name": "A String", # This must match the Name of a Volume. 20804 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 20805 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 20806 }, 20807 ], 20808 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 20809 }, 20810 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 20811 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 20812 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 20813 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20814 "A String", 20815 ], 20816 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20817 "A String", 20818 ], 20819 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 20820 { # EnvVar represents an environment variable present in a Container. 20821 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 20822 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 20823 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 20824 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 20825 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 20826 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20827 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20828 }, 20829 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 20830 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 20831 }, 20832 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 20833 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 20834 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20835 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20836 }, 20837 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 20838 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 20839 }, 20840 }, 20841 }, 20842 ], 20843 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 20844 { # EnvFromSource represents the source of a set of ConfigMaps 20845 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 20846 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20847 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20848 }, 20849 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 20850 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 20851 }, 20852 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 20853 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 20854 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20855 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20856 }, 20857 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 20858 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 20859 }, 20860 }, 20861 ], 20862 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20863 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 20864 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 20865 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20866 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20867 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20868 "A String", 20869 ], 20870 }, 20871 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20872 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20873 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20874 { # HTTPHeader describes a custom header to be used in HTTP probes 20875 "name": "A String", # The header field name 20876 "value": "A String", # The header field value 20877 }, 20878 ], 20879 "path": "A String", # Path to access on the HTTP server. +optional 20880 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20881 "intVal": 42, # The int value. 20882 "strVal": "A String", # The string value. 20883 "type": 42, # The type of the value. 20884 }, 20885 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20886 }, 20887 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20888 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20889 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20890 "intVal": 42, # The int value. 20891 "strVal": "A String", # The string value. 20892 "type": 42, # The type of the value. 20893 }, 20894 }, 20895 }, 20896 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20897 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20898 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20899 "A String", 20900 ], 20901 }, 20902 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20903 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20904 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20905 { # HTTPHeader describes a custom header to be used in HTTP probes 20906 "name": "A String", # The header field name 20907 "value": "A String", # The header field value 20908 }, 20909 ], 20910 "path": "A String", # Path to access on the HTTP server. +optional 20911 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20912 "intVal": 42, # The int value. 20913 "strVal": "A String", # The string value. 20914 "type": 42, # The type of the value. 20915 }, 20916 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20917 }, 20918 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20919 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20920 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20921 "intVal": 42, # The int value. 20922 "strVal": "A String", # The string value. 20923 "type": 42, # The type of the value. 20924 }, 20925 }, 20926 }, 20927 }, 20928 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20929 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20930 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20931 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20932 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20933 "A String", 20934 ], 20935 }, 20936 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20937 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20938 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20939 { # HTTPHeader describes a custom header to be used in HTTP probes 20940 "name": "A String", # The header field name 20941 "value": "A String", # The header field value 20942 }, 20943 ], 20944 "path": "A String", # Path to access on the HTTP server. +optional 20945 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20946 "intVal": 42, # The int value. 20947 "strVal": "A String", # The string value. 20948 "type": 42, # The type of the value. 20949 }, 20950 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20951 }, 20952 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20953 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20954 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20955 "intVal": 42, # The int value. 20956 "strVal": "A String", # The string value. 20957 "type": 42, # The type of the value. 20958 }, 20959 }, 20960 }, 20961 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20962 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20963 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20964 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20965 }, 20966 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 20967 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 20968 { # ContainerPort represents a network port in a single container. 20969 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 20970 "hostIP": "A String", # What host IP to bind the external port to. +optional 20971 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 20972 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 20973 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 20974 }, 20975 ], 20976 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20977 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20978 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20979 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20980 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20981 "A String", 20982 ], 20983 }, 20984 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20985 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20986 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20987 { # HTTPHeader describes a custom header to be used in HTTP probes 20988 "name": "A String", # The header field name 20989 "value": "A String", # The header field value 20990 }, 20991 ], 20992 "path": "A String", # Path to access on the HTTP server. +optional 20993 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20994 "intVal": 42, # The int value. 20995 "strVal": "A String", # The string value. 20996 "type": 42, # The type of the value. 20997 }, 20998 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20999 }, 21000 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21001 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21002 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21003 "intVal": 42, # The int value. 21004 "strVal": "A String", # The string value. 21005 "type": 42, # The type of the value. 21006 }, 21007 }, 21008 }, 21009 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21010 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21011 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21012 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21013 }, 21014 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 21015 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21016 "a_key": "A String", 21017 }, 21018 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 21019 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21020 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21021 }, 21022 }, 21023 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21024 "a_key": "A String", 21025 }, 21026 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 21027 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21028 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21029 }, 21030 }, 21031 }, 21032 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 21033 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 21034 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 21035 "add": [ # Added capabilities +optional 21036 "A String", 21037 ], 21038 "drop": [ # Removed capabilities +optional 21039 "A String", 21040 ], 21041 }, 21042 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 21043 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 21044 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21045 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21046 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21047 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21048 "level": "A String", # Level is SELinux level label that applies to the container. +optional 21049 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 21050 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 21051 "user": "A String", # User is a SELinux user label that applies to the container. +optional 21052 }, 21053 }, 21054 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 21055 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 21056 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 21057 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 21058 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 21059 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 21060 { # volumeDevice describes a mapping of a raw block device within a container. 21061 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 21062 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 21063 }, 21064 ], 21065 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 21066 { # VolumeMount describes a mounting of a Volume within a container. 21067 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 21068 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 21069 "name": "A String", # This must match the Name of a Volume. 21070 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 21071 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 21072 }, 21073 ], 21074 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 21075 }, 21076 ], 21077 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21078 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 21079 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 21080 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 21081 "volumes": [ 21082 { # Volume represents a named volume in a container. 21083 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 21084 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21085 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21086 { # Maps a string key to a path within a volume. 21087 "key": "A String", # The key to project. 21088 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21089 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21090 }, 21091 ], 21092 "name": "A String", # Name of the config. 21093 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21094 }, 21095 "name": "A String", # Volume's name. 21096 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 21097 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21098 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21099 { # Maps a string key to a path within a volume. 21100 "key": "A String", # The key to project. 21101 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21102 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21103 }, 21104 ], 21105 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21106 "secretName": "A String", # Name of the secret in the container's namespace to use. 21107 }, 21108 }, 21109 ], 21110 }, 21111 }, 21112 }, 21113 }, 21114 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 21115 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 21116 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 21117 "a_key": "A String", 21118 }, 21119 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 21120 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21121 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 21122 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21123 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 21124 "A String", 21125 ], 21126 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 21127 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 21128 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 21129 "a_key": "A String", 21130 }, 21131 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 21132 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 21133 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 21134 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 21135 "apiVersion": "A String", # API version of the referent. 21136 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 21137 "controller": True or False, # If true, this reference points to the managing controller. +optional 21138 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 21139 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 21140 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 21141 }, 21142 ], 21143 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 21144 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 21145 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 21146 }, 21147 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 21148 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 21149 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 21150 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21151 "A String", 21152 ], 21153 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21154 "A String", 21155 ], 21156 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 21157 { # EnvVar represents an environment variable present in a Container. 21158 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 21159 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 21160 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 21161 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 21162 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 21163 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21164 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21165 }, 21166 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 21167 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 21168 }, 21169 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 21170 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 21171 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21172 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21173 }, 21174 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 21175 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 21176 }, 21177 }, 21178 }, 21179 ], 21180 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 21181 { # EnvFromSource represents the source of a set of ConfigMaps 21182 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 21183 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21184 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21185 }, 21186 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 21187 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 21188 }, 21189 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 21190 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 21191 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21192 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21193 }, 21194 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 21195 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 21196 }, 21197 }, 21198 ], 21199 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21200 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 21201 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 21202 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21203 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21204 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21205 "A String", 21206 ], 21207 }, 21208 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21209 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21210 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21211 { # HTTPHeader describes a custom header to be used in HTTP probes 21212 "name": "A String", # The header field name 21213 "value": "A String", # The header field value 21214 }, 21215 ], 21216 "path": "A String", # Path to access on the HTTP server. +optional 21217 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21218 "intVal": 42, # The int value. 21219 "strVal": "A String", # The string value. 21220 "type": 42, # The type of the value. 21221 }, 21222 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21223 }, 21224 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21225 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21226 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21227 "intVal": 42, # The int value. 21228 "strVal": "A String", # The string value. 21229 "type": 42, # The type of the value. 21230 }, 21231 }, 21232 }, 21233 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21234 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21235 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21236 "A String", 21237 ], 21238 }, 21239 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21240 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21241 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21242 { # HTTPHeader describes a custom header to be used in HTTP probes 21243 "name": "A String", # The header field name 21244 "value": "A String", # The header field value 21245 }, 21246 ], 21247 "path": "A String", # Path to access on the HTTP server. +optional 21248 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21249 "intVal": 42, # The int value. 21250 "strVal": "A String", # The string value. 21251 "type": 42, # The type of the value. 21252 }, 21253 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21254 }, 21255 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21256 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21257 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21258 "intVal": 42, # The int value. 21259 "strVal": "A String", # The string value. 21260 "type": 42, # The type of the value. 21261 }, 21262 }, 21263 }, 21264 }, 21265 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21266 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21267 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21268 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21269 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21270 "A String", 21271 ], 21272 }, 21273 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21274 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21275 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21276 { # HTTPHeader describes a custom header to be used in HTTP probes 21277 "name": "A String", # The header field name 21278 "value": "A String", # The header field value 21279 }, 21280 ], 21281 "path": "A String", # Path to access on the HTTP server. +optional 21282 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21283 "intVal": 42, # The int value. 21284 "strVal": "A String", # The string value. 21285 "type": 42, # The type of the value. 21286 }, 21287 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21288 }, 21289 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21290 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21291 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21292 "intVal": 42, # The int value. 21293 "strVal": "A String", # The string value. 21294 "type": 42, # The type of the value. 21295 }, 21296 }, 21297 }, 21298 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21299 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21300 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21301 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21302 }, 21303 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 21304 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 21305 { # ContainerPort represents a network port in a single container. 21306 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 21307 "hostIP": "A String", # What host IP to bind the external port to. +optional 21308 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 21309 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 21310 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 21311 }, 21312 ], 21313 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21314 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21315 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21316 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21317 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21318 "A String", 21319 ], 21320 }, 21321 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21322 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21323 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21324 { # HTTPHeader describes a custom header to be used in HTTP probes 21325 "name": "A String", # The header field name 21326 "value": "A String", # The header field value 21327 }, 21328 ], 21329 "path": "A String", # Path to access on the HTTP server. +optional 21330 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21331 "intVal": 42, # The int value. 21332 "strVal": "A String", # The string value. 21333 "type": 42, # The type of the value. 21334 }, 21335 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21336 }, 21337 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21338 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21339 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21340 "intVal": 42, # The int value. 21341 "strVal": "A String", # The string value. 21342 "type": 42, # The type of the value. 21343 }, 21344 }, 21345 }, 21346 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21347 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21348 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21349 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21350 }, 21351 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 21352 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21353 "a_key": "A String", 21354 }, 21355 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 21356 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21357 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21358 }, 21359 }, 21360 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21361 "a_key": "A String", 21362 }, 21363 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 21364 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21365 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21366 }, 21367 }, 21368 }, 21369 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 21370 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 21371 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 21372 "add": [ # Added capabilities +optional 21373 "A String", 21374 ], 21375 "drop": [ # Removed capabilities +optional 21376 "A String", 21377 ], 21378 }, 21379 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 21380 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 21381 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21382 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21383 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21384 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21385 "level": "A String", # Level is SELinux level label that applies to the container. +optional 21386 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 21387 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 21388 "user": "A String", # User is a SELinux user label that applies to the container. +optional 21389 }, 21390 }, 21391 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 21392 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 21393 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 21394 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 21395 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 21396 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 21397 { # volumeDevice describes a mapping of a raw block device within a container. 21398 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 21399 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 21400 }, 21401 ], 21402 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 21403 { # VolumeMount describes a mounting of a Volume within a container. 21404 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 21405 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 21406 "name": "A String", # This must match the Name of a Volume. 21407 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 21408 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 21409 }, 21410 ], 21411 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 21412 }, 21413 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 21414 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 21415 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 21416 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21417 "A String", 21418 ], 21419 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21420 "A String", 21421 ], 21422 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 21423 { # EnvVar represents an environment variable present in a Container. 21424 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 21425 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 21426 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 21427 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 21428 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 21429 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21430 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21431 }, 21432 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 21433 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 21434 }, 21435 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 21436 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 21437 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21438 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21439 }, 21440 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 21441 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 21442 }, 21443 }, 21444 }, 21445 ], 21446 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 21447 { # EnvFromSource represents the source of a set of ConfigMaps 21448 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 21449 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21450 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21451 }, 21452 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 21453 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 21454 }, 21455 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 21456 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 21457 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21458 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21459 }, 21460 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 21461 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 21462 }, 21463 }, 21464 ], 21465 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21466 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 21467 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 21468 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21469 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21470 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21471 "A String", 21472 ], 21473 }, 21474 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21475 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21476 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21477 { # HTTPHeader describes a custom header to be used in HTTP probes 21478 "name": "A String", # The header field name 21479 "value": "A String", # The header field value 21480 }, 21481 ], 21482 "path": "A String", # Path to access on the HTTP server. +optional 21483 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21484 "intVal": 42, # The int value. 21485 "strVal": "A String", # The string value. 21486 "type": 42, # The type of the value. 21487 }, 21488 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21489 }, 21490 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21491 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21492 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21493 "intVal": 42, # The int value. 21494 "strVal": "A String", # The string value. 21495 "type": 42, # The type of the value. 21496 }, 21497 }, 21498 }, 21499 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21500 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21501 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21502 "A String", 21503 ], 21504 }, 21505 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21506 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21507 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21508 { # HTTPHeader describes a custom header to be used in HTTP probes 21509 "name": "A String", # The header field name 21510 "value": "A String", # The header field value 21511 }, 21512 ], 21513 "path": "A String", # Path to access on the HTTP server. +optional 21514 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21515 "intVal": 42, # The int value. 21516 "strVal": "A String", # The string value. 21517 "type": 42, # The type of the value. 21518 }, 21519 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21520 }, 21521 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21522 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21523 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21524 "intVal": 42, # The int value. 21525 "strVal": "A String", # The string value. 21526 "type": 42, # The type of the value. 21527 }, 21528 }, 21529 }, 21530 }, 21531 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21532 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21533 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21534 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21535 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21536 "A String", 21537 ], 21538 }, 21539 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21540 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21541 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21542 { # HTTPHeader describes a custom header to be used in HTTP probes 21543 "name": "A String", # The header field name 21544 "value": "A String", # The header field value 21545 }, 21546 ], 21547 "path": "A String", # Path to access on the HTTP server. +optional 21548 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21549 "intVal": 42, # The int value. 21550 "strVal": "A String", # The string value. 21551 "type": 42, # The type of the value. 21552 }, 21553 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21554 }, 21555 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21556 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21557 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21558 "intVal": 42, # The int value. 21559 "strVal": "A String", # The string value. 21560 "type": 42, # The type of the value. 21561 }, 21562 }, 21563 }, 21564 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21565 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21566 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21567 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21568 }, 21569 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 21570 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 21571 { # ContainerPort represents a network port in a single container. 21572 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 21573 "hostIP": "A String", # What host IP to bind the external port to. +optional 21574 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 21575 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 21576 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 21577 }, 21578 ], 21579 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21580 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21581 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21582 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21583 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21584 "A String", 21585 ], 21586 }, 21587 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21588 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21589 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21590 { # HTTPHeader describes a custom header to be used in HTTP probes 21591 "name": "A String", # The header field name 21592 "value": "A String", # The header field value 21593 }, 21594 ], 21595 "path": "A String", # Path to access on the HTTP server. +optional 21596 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21597 "intVal": 42, # The int value. 21598 "strVal": "A String", # The string value. 21599 "type": 42, # The type of the value. 21600 }, 21601 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21602 }, 21603 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21604 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21605 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21606 "intVal": 42, # The int value. 21607 "strVal": "A String", # The string value. 21608 "type": 42, # The type of the value. 21609 }, 21610 }, 21611 }, 21612 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21613 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21614 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21615 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21616 }, 21617 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 21618 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21619 "a_key": "A String", 21620 }, 21621 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 21622 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21623 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21624 }, 21625 }, 21626 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21627 "a_key": "A String", 21628 }, 21629 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 21630 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21631 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21632 }, 21633 }, 21634 }, 21635 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 21636 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 21637 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 21638 "add": [ # Added capabilities +optional 21639 "A String", 21640 ], 21641 "drop": [ # Removed capabilities +optional 21642 "A String", 21643 ], 21644 }, 21645 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 21646 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 21647 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21648 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21649 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21650 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21651 "level": "A String", # Level is SELinux level label that applies to the container. +optional 21652 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 21653 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 21654 "user": "A String", # User is a SELinux user label that applies to the container. +optional 21655 }, 21656 }, 21657 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 21658 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 21659 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 21660 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 21661 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 21662 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 21663 { # volumeDevice describes a mapping of a raw block device within a container. 21664 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 21665 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 21666 }, 21667 ], 21668 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 21669 { # VolumeMount describes a mounting of a Volume within a container. 21670 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 21671 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 21672 "name": "A String", # This must match the Name of a Volume. 21673 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 21674 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 21675 }, 21676 ], 21677 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 21678 }, 21679 ], 21680 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21681 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 21682 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 21683 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 21684 "volumes": [ 21685 { # Volume represents a named volume in a container. 21686 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 21687 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21688 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21689 { # Maps a string key to a path within a volume. 21690 "key": "A String", # The key to project. 21691 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21692 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21693 }, 21694 ], 21695 "name": "A String", # Name of the config. 21696 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21697 }, 21698 "name": "A String", # Volume's name. 21699 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 21700 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21701 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21702 { # Maps a string key to a path within a volume. 21703 "key": "A String", # The key to project. 21704 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21705 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21706 }, 21707 ], 21708 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21709 "secretName": "A String", # Name of the secret in the container's namespace to use. 21710 }, 21711 }, 21712 ], 21713 }, 21714 }, 21715 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 21716 { # TrafficTarget holds a single entry of the routing table for a Route. 21717 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 21718 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 21719 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 21720 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 21721 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 21722 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 21723 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 21724 }, 21725 ], 21726 }, 21727 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 21728 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 21729 "hostname": "A String", # Deprecated - use url instead. 21730 "url": "A String", 21731 }, 21732 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 21733 { # ServiceCondition defines a readiness condition for a Service. 21734 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 21735 "message": "A String", # Human-readable message indicating details about last transition. +optional 21736 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 21737 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 21738 "status": "A String", # Status of the condition, one of True, False, Unknown. 21739 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 21740 }, 21741 ], 21742 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 21743 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 21744 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 21745 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 21746 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 21747 { # TrafficTarget holds a single entry of the routing table for a Route. 21748 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 21749 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 21750 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 21751 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 21752 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 21753 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 21754 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 21755 }, 21756 ], 21757 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 21758 }, 21759} 21760 21761 x__xgafv: string, V1 error format. 21762 Allowed values 21763 1 - v1 error format 21764 2 - v2 error format 21765 21766Returns: 21767 An object of the form: 21768 21769 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 21770 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 21771 "kind": "A String", # The kind of resource, in this case "Service". 21772 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 21773 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 21774 "a_key": "A String", 21775 }, 21776 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 21777 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21778 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 21779 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21780 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 21781 "A String", 21782 ], 21783 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 21784 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 21785 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 21786 "a_key": "A String", 21787 }, 21788 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 21789 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 21790 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 21791 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 21792 "apiVersion": "A String", # API version of the referent. 21793 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 21794 "controller": True or False, # If true, this reference points to the managing controller. +optional 21795 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 21796 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 21797 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 21798 }, 21799 ], 21800 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 21801 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 21802 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 21803 }, 21804 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 21805 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21806 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 21807 }, 21808 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 21809 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 21810 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21811 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 21812 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 21813 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 21814 "a_key": "A String", 21815 }, 21816 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 21817 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21818 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 21819 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21820 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 21821 "A String", 21822 ], 21823 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 21824 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 21825 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 21826 "a_key": "A String", 21827 }, 21828 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 21829 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 21830 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 21831 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 21832 "apiVersion": "A String", # API version of the referent. 21833 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 21834 "controller": True or False, # If true, this reference points to the managing controller. +optional 21835 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 21836 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 21837 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 21838 }, 21839 ], 21840 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 21841 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 21842 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 21843 }, 21844 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 21845 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 21846 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 21847 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21848 "A String", 21849 ], 21850 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21851 "A String", 21852 ], 21853 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 21854 { # EnvVar represents an environment variable present in a Container. 21855 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 21856 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 21857 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 21858 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 21859 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 21860 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21861 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21862 }, 21863 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 21864 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 21865 }, 21866 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 21867 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 21868 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21869 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21870 }, 21871 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 21872 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 21873 }, 21874 }, 21875 }, 21876 ], 21877 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 21878 { # EnvFromSource represents the source of a set of ConfigMaps 21879 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 21880 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21881 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21882 }, 21883 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 21884 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 21885 }, 21886 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 21887 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 21888 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21889 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21890 }, 21891 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 21892 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 21893 }, 21894 }, 21895 ], 21896 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21897 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 21898 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 21899 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21900 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21901 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21902 "A String", 21903 ], 21904 }, 21905 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21906 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21907 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21908 { # HTTPHeader describes a custom header to be used in HTTP probes 21909 "name": "A String", # The header field name 21910 "value": "A String", # The header field value 21911 }, 21912 ], 21913 "path": "A String", # Path to access on the HTTP server. +optional 21914 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21915 "intVal": 42, # The int value. 21916 "strVal": "A String", # The string value. 21917 "type": 42, # The type of the value. 21918 }, 21919 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21920 }, 21921 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21922 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21923 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21924 "intVal": 42, # The int value. 21925 "strVal": "A String", # The string value. 21926 "type": 42, # The type of the value. 21927 }, 21928 }, 21929 }, 21930 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21931 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21932 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21933 "A String", 21934 ], 21935 }, 21936 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21937 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21938 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21939 { # HTTPHeader describes a custom header to be used in HTTP probes 21940 "name": "A String", # The header field name 21941 "value": "A String", # The header field value 21942 }, 21943 ], 21944 "path": "A String", # Path to access on the HTTP server. +optional 21945 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21946 "intVal": 42, # The int value. 21947 "strVal": "A String", # The string value. 21948 "type": 42, # The type of the value. 21949 }, 21950 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21951 }, 21952 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21953 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21954 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21955 "intVal": 42, # The int value. 21956 "strVal": "A String", # The string value. 21957 "type": 42, # The type of the value. 21958 }, 21959 }, 21960 }, 21961 }, 21962 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21963 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21964 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21965 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21966 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21967 "A String", 21968 ], 21969 }, 21970 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21971 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21972 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21973 { # HTTPHeader describes a custom header to be used in HTTP probes 21974 "name": "A String", # The header field name 21975 "value": "A String", # The header field value 21976 }, 21977 ], 21978 "path": "A String", # Path to access on the HTTP server. +optional 21979 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21980 "intVal": 42, # The int value. 21981 "strVal": "A String", # The string value. 21982 "type": 42, # The type of the value. 21983 }, 21984 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21985 }, 21986 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21987 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21988 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21989 "intVal": 42, # The int value. 21990 "strVal": "A String", # The string value. 21991 "type": 42, # The type of the value. 21992 }, 21993 }, 21994 }, 21995 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21996 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21997 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21998 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21999 }, 22000 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22001 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22002 { # ContainerPort represents a network port in a single container. 22003 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22004 "hostIP": "A String", # What host IP to bind the external port to. +optional 22005 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22006 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22007 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22008 }, 22009 ], 22010 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22011 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22012 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22013 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22014 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22015 "A String", 22016 ], 22017 }, 22018 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22019 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22020 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22021 { # HTTPHeader describes a custom header to be used in HTTP probes 22022 "name": "A String", # The header field name 22023 "value": "A String", # The header field value 22024 }, 22025 ], 22026 "path": "A String", # Path to access on the HTTP server. +optional 22027 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22028 "intVal": 42, # The int value. 22029 "strVal": "A String", # The string value. 22030 "type": 42, # The type of the value. 22031 }, 22032 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22033 }, 22034 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22035 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22036 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22037 "intVal": 42, # The int value. 22038 "strVal": "A String", # The string value. 22039 "type": 42, # The type of the value. 22040 }, 22041 }, 22042 }, 22043 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22044 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22045 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22046 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22047 }, 22048 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22049 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22050 "a_key": "A String", 22051 }, 22052 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22053 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22054 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22055 }, 22056 }, 22057 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22058 "a_key": "A String", 22059 }, 22060 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22061 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22062 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22063 }, 22064 }, 22065 }, 22066 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22067 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22068 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22069 "add": [ # Added capabilities +optional 22070 "A String", 22071 ], 22072 "drop": [ # Removed capabilities +optional 22073 "A String", 22074 ], 22075 }, 22076 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 22077 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 22078 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22079 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22080 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22081 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22082 "level": "A String", # Level is SELinux level label that applies to the container. +optional 22083 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 22084 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 22085 "user": "A String", # User is a SELinux user label that applies to the container. +optional 22086 }, 22087 }, 22088 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 22089 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 22090 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 22091 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 22092 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 22093 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 22094 { # volumeDevice describes a mapping of a raw block device within a container. 22095 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 22096 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 22097 }, 22098 ], 22099 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 22100 { # VolumeMount describes a mounting of a Volume within a container. 22101 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 22102 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 22103 "name": "A String", # This must match the Name of a Volume. 22104 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 22105 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 22106 }, 22107 ], 22108 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 22109 }, 22110 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 22111 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 22112 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 22113 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22114 "A String", 22115 ], 22116 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22117 "A String", 22118 ], 22119 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 22120 { # EnvVar represents an environment variable present in a Container. 22121 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 22122 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 22123 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 22124 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 22125 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 22126 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22127 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22128 }, 22129 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 22130 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 22131 }, 22132 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 22133 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 22134 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22135 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22136 }, 22137 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 22138 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 22139 }, 22140 }, 22141 }, 22142 ], 22143 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 22144 { # EnvFromSource represents the source of a set of ConfigMaps 22145 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 22146 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22147 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22148 }, 22149 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 22150 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 22151 }, 22152 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 22153 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 22154 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22155 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22156 }, 22157 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 22158 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 22159 }, 22160 }, 22161 ], 22162 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 22163 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 22164 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 22165 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22166 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22167 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22168 "A String", 22169 ], 22170 }, 22171 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22172 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22173 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22174 { # HTTPHeader describes a custom header to be used in HTTP probes 22175 "name": "A String", # The header field name 22176 "value": "A String", # The header field value 22177 }, 22178 ], 22179 "path": "A String", # Path to access on the HTTP server. +optional 22180 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22181 "intVal": 42, # The int value. 22182 "strVal": "A String", # The string value. 22183 "type": 42, # The type of the value. 22184 }, 22185 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22186 }, 22187 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22188 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22189 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22190 "intVal": 42, # The int value. 22191 "strVal": "A String", # The string value. 22192 "type": 42, # The type of the value. 22193 }, 22194 }, 22195 }, 22196 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22197 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22198 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22199 "A String", 22200 ], 22201 }, 22202 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22203 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22204 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22205 { # HTTPHeader describes a custom header to be used in HTTP probes 22206 "name": "A String", # The header field name 22207 "value": "A String", # The header field value 22208 }, 22209 ], 22210 "path": "A String", # Path to access on the HTTP server. +optional 22211 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22212 "intVal": 42, # The int value. 22213 "strVal": "A String", # The string value. 22214 "type": 42, # The type of the value. 22215 }, 22216 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22217 }, 22218 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22219 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22220 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22221 "intVal": 42, # The int value. 22222 "strVal": "A String", # The string value. 22223 "type": 42, # The type of the value. 22224 }, 22225 }, 22226 }, 22227 }, 22228 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22229 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22230 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22231 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22232 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22233 "A String", 22234 ], 22235 }, 22236 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22237 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22238 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22239 { # HTTPHeader describes a custom header to be used in HTTP probes 22240 "name": "A String", # The header field name 22241 "value": "A String", # The header field value 22242 }, 22243 ], 22244 "path": "A String", # Path to access on the HTTP server. +optional 22245 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22246 "intVal": 42, # The int value. 22247 "strVal": "A String", # The string value. 22248 "type": 42, # The type of the value. 22249 }, 22250 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22251 }, 22252 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22253 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22254 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22255 "intVal": 42, # The int value. 22256 "strVal": "A String", # The string value. 22257 "type": 42, # The type of the value. 22258 }, 22259 }, 22260 }, 22261 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22262 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22263 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22264 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22265 }, 22266 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22267 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22268 { # ContainerPort represents a network port in a single container. 22269 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22270 "hostIP": "A String", # What host IP to bind the external port to. +optional 22271 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22272 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22273 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22274 }, 22275 ], 22276 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22277 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22278 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22279 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22280 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22281 "A String", 22282 ], 22283 }, 22284 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22285 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22286 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22287 { # HTTPHeader describes a custom header to be used in HTTP probes 22288 "name": "A String", # The header field name 22289 "value": "A String", # The header field value 22290 }, 22291 ], 22292 "path": "A String", # Path to access on the HTTP server. +optional 22293 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22294 "intVal": 42, # The int value. 22295 "strVal": "A String", # The string value. 22296 "type": 42, # The type of the value. 22297 }, 22298 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22299 }, 22300 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22301 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22302 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22303 "intVal": 42, # The int value. 22304 "strVal": "A String", # The string value. 22305 "type": 42, # The type of the value. 22306 }, 22307 }, 22308 }, 22309 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22310 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22311 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22312 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22313 }, 22314 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22315 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22316 "a_key": "A String", 22317 }, 22318 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22319 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22320 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22321 }, 22322 }, 22323 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22324 "a_key": "A String", 22325 }, 22326 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22327 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22328 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22329 }, 22330 }, 22331 }, 22332 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22333 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22334 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22335 "add": [ # Added capabilities +optional 22336 "A String", 22337 ], 22338 "drop": [ # Removed capabilities +optional 22339 "A String", 22340 ], 22341 }, 22342 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 22343 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 22344 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22345 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22346 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22347 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22348 "level": "A String", # Level is SELinux level label that applies to the container. +optional 22349 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 22350 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 22351 "user": "A String", # User is a SELinux user label that applies to the container. +optional 22352 }, 22353 }, 22354 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 22355 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 22356 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 22357 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 22358 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 22359 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 22360 { # volumeDevice describes a mapping of a raw block device within a container. 22361 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 22362 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 22363 }, 22364 ], 22365 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 22366 { # VolumeMount describes a mounting of a Volume within a container. 22367 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 22368 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 22369 "name": "A String", # This must match the Name of a Volume. 22370 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 22371 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 22372 }, 22373 ], 22374 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 22375 }, 22376 ], 22377 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 22378 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 22379 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 22380 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 22381 "volumes": [ 22382 { # Volume represents a named volume in a container. 22383 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 22384 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 22385 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 22386 { # Maps a string key to a path within a volume. 22387 "key": "A String", # The key to project. 22388 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 22389 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 22390 }, 22391 ], 22392 "name": "A String", # Name of the config. 22393 "optional": True or False, # Specify whether the Secret or its keys must be defined. 22394 }, 22395 "name": "A String", # Volume's name. 22396 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 22397 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 22398 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 22399 { # Maps a string key to a path within a volume. 22400 "key": "A String", # The key to project. 22401 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 22402 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 22403 }, 22404 ], 22405 "optional": True or False, # Specify whether the Secret or its keys must be defined. 22406 "secretName": "A String", # Name of the secret in the container's namespace to use. 22407 }, 22408 }, 22409 ], 22410 }, 22411 }, 22412 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 22413 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 22414 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 22415 "a_key": "A String", 22416 }, 22417 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 22418 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 22419 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 22420 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 22421 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 22422 "A String", 22423 ], 22424 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 22425 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 22426 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 22427 "a_key": "A String", 22428 }, 22429 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 22430 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 22431 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 22432 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 22433 "apiVersion": "A String", # API version of the referent. 22434 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 22435 "controller": True or False, # If true, this reference points to the managing controller. +optional 22436 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 22437 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 22438 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 22439 }, 22440 ], 22441 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 22442 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 22443 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 22444 }, 22445 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 22446 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 22447 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 22448 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22449 "A String", 22450 ], 22451 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22452 "A String", 22453 ], 22454 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 22455 { # EnvVar represents an environment variable present in a Container. 22456 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 22457 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 22458 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 22459 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 22460 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 22461 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22462 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22463 }, 22464 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 22465 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 22466 }, 22467 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 22468 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 22469 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22470 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22471 }, 22472 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 22473 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 22474 }, 22475 }, 22476 }, 22477 ], 22478 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 22479 { # EnvFromSource represents the source of a set of ConfigMaps 22480 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 22481 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22482 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22483 }, 22484 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 22485 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 22486 }, 22487 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 22488 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 22489 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22490 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22491 }, 22492 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 22493 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 22494 }, 22495 }, 22496 ], 22497 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 22498 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 22499 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 22500 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22501 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22502 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22503 "A String", 22504 ], 22505 }, 22506 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22507 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22508 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22509 { # HTTPHeader describes a custom header to be used in HTTP probes 22510 "name": "A String", # The header field name 22511 "value": "A String", # The header field value 22512 }, 22513 ], 22514 "path": "A String", # Path to access on the HTTP server. +optional 22515 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22516 "intVal": 42, # The int value. 22517 "strVal": "A String", # The string value. 22518 "type": 42, # The type of the value. 22519 }, 22520 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22521 }, 22522 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22523 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22524 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22525 "intVal": 42, # The int value. 22526 "strVal": "A String", # The string value. 22527 "type": 42, # The type of the value. 22528 }, 22529 }, 22530 }, 22531 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22532 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22533 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22534 "A String", 22535 ], 22536 }, 22537 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22538 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22539 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22540 { # HTTPHeader describes a custom header to be used in HTTP probes 22541 "name": "A String", # The header field name 22542 "value": "A String", # The header field value 22543 }, 22544 ], 22545 "path": "A String", # Path to access on the HTTP server. +optional 22546 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22547 "intVal": 42, # The int value. 22548 "strVal": "A String", # The string value. 22549 "type": 42, # The type of the value. 22550 }, 22551 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22552 }, 22553 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22554 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22555 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22556 "intVal": 42, # The int value. 22557 "strVal": "A String", # The string value. 22558 "type": 42, # The type of the value. 22559 }, 22560 }, 22561 }, 22562 }, 22563 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22564 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22565 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22566 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22567 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22568 "A String", 22569 ], 22570 }, 22571 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22572 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22573 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22574 { # HTTPHeader describes a custom header to be used in HTTP probes 22575 "name": "A String", # The header field name 22576 "value": "A String", # The header field value 22577 }, 22578 ], 22579 "path": "A String", # Path to access on the HTTP server. +optional 22580 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22581 "intVal": 42, # The int value. 22582 "strVal": "A String", # The string value. 22583 "type": 42, # The type of the value. 22584 }, 22585 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22586 }, 22587 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22588 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22589 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22590 "intVal": 42, # The int value. 22591 "strVal": "A String", # The string value. 22592 "type": 42, # The type of the value. 22593 }, 22594 }, 22595 }, 22596 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22597 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22598 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22599 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22600 }, 22601 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22602 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22603 { # ContainerPort represents a network port in a single container. 22604 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22605 "hostIP": "A String", # What host IP to bind the external port to. +optional 22606 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22607 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22608 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22609 }, 22610 ], 22611 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22612 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22613 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22614 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22615 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22616 "A String", 22617 ], 22618 }, 22619 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22620 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22621 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22622 { # HTTPHeader describes a custom header to be used in HTTP probes 22623 "name": "A String", # The header field name 22624 "value": "A String", # The header field value 22625 }, 22626 ], 22627 "path": "A String", # Path to access on the HTTP server. +optional 22628 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22629 "intVal": 42, # The int value. 22630 "strVal": "A String", # The string value. 22631 "type": 42, # The type of the value. 22632 }, 22633 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22634 }, 22635 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22636 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22637 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22638 "intVal": 42, # The int value. 22639 "strVal": "A String", # The string value. 22640 "type": 42, # The type of the value. 22641 }, 22642 }, 22643 }, 22644 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22645 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22646 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22647 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22648 }, 22649 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22650 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22651 "a_key": "A String", 22652 }, 22653 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22654 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22655 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22656 }, 22657 }, 22658 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22659 "a_key": "A String", 22660 }, 22661 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22662 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22663 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22664 }, 22665 }, 22666 }, 22667 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22668 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22669 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22670 "add": [ # Added capabilities +optional 22671 "A String", 22672 ], 22673 "drop": [ # Removed capabilities +optional 22674 "A String", 22675 ], 22676 }, 22677 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 22678 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 22679 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22680 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22681 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22682 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22683 "level": "A String", # Level is SELinux level label that applies to the container. +optional 22684 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 22685 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 22686 "user": "A String", # User is a SELinux user label that applies to the container. +optional 22687 }, 22688 }, 22689 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 22690 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 22691 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 22692 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 22693 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 22694 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 22695 { # volumeDevice describes a mapping of a raw block device within a container. 22696 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 22697 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 22698 }, 22699 ], 22700 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 22701 { # VolumeMount describes a mounting of a Volume within a container. 22702 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 22703 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 22704 "name": "A String", # This must match the Name of a Volume. 22705 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 22706 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 22707 }, 22708 ], 22709 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 22710 }, 22711 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 22712 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 22713 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 22714 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22715 "A String", 22716 ], 22717 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22718 "A String", 22719 ], 22720 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 22721 { # EnvVar represents an environment variable present in a Container. 22722 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 22723 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 22724 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 22725 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 22726 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 22727 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22728 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22729 }, 22730 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 22731 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 22732 }, 22733 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 22734 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 22735 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22736 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22737 }, 22738 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 22739 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 22740 }, 22741 }, 22742 }, 22743 ], 22744 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 22745 { # EnvFromSource represents the source of a set of ConfigMaps 22746 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 22747 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22748 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22749 }, 22750 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 22751 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 22752 }, 22753 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 22754 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 22755 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22756 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22757 }, 22758 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 22759 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 22760 }, 22761 }, 22762 ], 22763 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 22764 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 22765 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 22766 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22767 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22768 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22769 "A String", 22770 ], 22771 }, 22772 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22773 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22774 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22775 { # HTTPHeader describes a custom header to be used in HTTP probes 22776 "name": "A String", # The header field name 22777 "value": "A String", # The header field value 22778 }, 22779 ], 22780 "path": "A String", # Path to access on the HTTP server. +optional 22781 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22782 "intVal": 42, # The int value. 22783 "strVal": "A String", # The string value. 22784 "type": 42, # The type of the value. 22785 }, 22786 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22787 }, 22788 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22789 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22790 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22791 "intVal": 42, # The int value. 22792 "strVal": "A String", # The string value. 22793 "type": 42, # The type of the value. 22794 }, 22795 }, 22796 }, 22797 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22798 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22799 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22800 "A String", 22801 ], 22802 }, 22803 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22804 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22805 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22806 { # HTTPHeader describes a custom header to be used in HTTP probes 22807 "name": "A String", # The header field name 22808 "value": "A String", # The header field value 22809 }, 22810 ], 22811 "path": "A String", # Path to access on the HTTP server. +optional 22812 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22813 "intVal": 42, # The int value. 22814 "strVal": "A String", # The string value. 22815 "type": 42, # The type of the value. 22816 }, 22817 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22818 }, 22819 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22820 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22821 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22822 "intVal": 42, # The int value. 22823 "strVal": "A String", # The string value. 22824 "type": 42, # The type of the value. 22825 }, 22826 }, 22827 }, 22828 }, 22829 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22830 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22831 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22832 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22833 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22834 "A String", 22835 ], 22836 }, 22837 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22838 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22839 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22840 { # HTTPHeader describes a custom header to be used in HTTP probes 22841 "name": "A String", # The header field name 22842 "value": "A String", # The header field value 22843 }, 22844 ], 22845 "path": "A String", # Path to access on the HTTP server. +optional 22846 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22847 "intVal": 42, # The int value. 22848 "strVal": "A String", # The string value. 22849 "type": 42, # The type of the value. 22850 }, 22851 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22852 }, 22853 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22854 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22855 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22856 "intVal": 42, # The int value. 22857 "strVal": "A String", # The string value. 22858 "type": 42, # The type of the value. 22859 }, 22860 }, 22861 }, 22862 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22863 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22864 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22865 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22866 }, 22867 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22868 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22869 { # ContainerPort represents a network port in a single container. 22870 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22871 "hostIP": "A String", # What host IP to bind the external port to. +optional 22872 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22873 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22874 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22875 }, 22876 ], 22877 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22878 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22879 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22880 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22881 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22882 "A String", 22883 ], 22884 }, 22885 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22886 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22887 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22888 { # HTTPHeader describes a custom header to be used in HTTP probes 22889 "name": "A String", # The header field name 22890 "value": "A String", # The header field value 22891 }, 22892 ], 22893 "path": "A String", # Path to access on the HTTP server. +optional 22894 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22895 "intVal": 42, # The int value. 22896 "strVal": "A String", # The string value. 22897 "type": 42, # The type of the value. 22898 }, 22899 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22900 }, 22901 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22902 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22903 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22904 "intVal": 42, # The int value. 22905 "strVal": "A String", # The string value. 22906 "type": 42, # The type of the value. 22907 }, 22908 }, 22909 }, 22910 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22911 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22912 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22913 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22914 }, 22915 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22916 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22917 "a_key": "A String", 22918 }, 22919 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22920 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22921 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22922 }, 22923 }, 22924 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22925 "a_key": "A String", 22926 }, 22927 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22928 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22929 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22930 }, 22931 }, 22932 }, 22933 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22934 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22935 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22936 "add": [ # Added capabilities +optional 22937 "A String", 22938 ], 22939 "drop": [ # Removed capabilities +optional 22940 "A String", 22941 ], 22942 }, 22943 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 22944 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 22945 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22946 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22947 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22948 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22949 "level": "A String", # Level is SELinux level label that applies to the container. +optional 22950 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 22951 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 22952 "user": "A String", # User is a SELinux user label that applies to the container. +optional 22953 }, 22954 }, 22955 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 22956 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 22957 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 22958 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 22959 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 22960 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 22961 { # volumeDevice describes a mapping of a raw block device within a container. 22962 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 22963 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 22964 }, 22965 ], 22966 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 22967 { # VolumeMount describes a mounting of a Volume within a container. 22968 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 22969 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 22970 "name": "A String", # This must match the Name of a Volume. 22971 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 22972 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 22973 }, 22974 ], 22975 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 22976 }, 22977 ], 22978 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 22979 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 22980 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 22981 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 22982 "volumes": [ 22983 { # Volume represents a named volume in a container. 22984 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 22985 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 22986 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 22987 { # Maps a string key to a path within a volume. 22988 "key": "A String", # The key to project. 22989 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 22990 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 22991 }, 22992 ], 22993 "name": "A String", # Name of the config. 22994 "optional": True or False, # Specify whether the Secret or its keys must be defined. 22995 }, 22996 "name": "A String", # Volume's name. 22997 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 22998 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 22999 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 23000 { # Maps a string key to a path within a volume. 23001 "key": "A String", # The key to project. 23002 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 23003 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 23004 }, 23005 ], 23006 "optional": True or False, # Specify whether the Secret or its keys must be defined. 23007 "secretName": "A String", # Name of the secret in the container's namespace to use. 23008 }, 23009 }, 23010 ], 23011 }, 23012 }, 23013 }, 23014 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 23015 }, 23016 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 23017 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 23018 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 23019 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 23020 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 23021 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 23022 "a_key": "A String", 23023 }, 23024 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 23025 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23026 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 23027 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23028 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 23029 "A String", 23030 ], 23031 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 23032 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 23033 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 23034 "a_key": "A String", 23035 }, 23036 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 23037 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 23038 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 23039 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 23040 "apiVersion": "A String", # API version of the referent. 23041 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 23042 "controller": True or False, # If true, this reference points to the managing controller. +optional 23043 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 23044 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 23045 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 23046 }, 23047 ], 23048 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 23049 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 23050 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 23051 }, 23052 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 23053 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 23054 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 23055 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23056 "A String", 23057 ], 23058 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23059 "A String", 23060 ], 23061 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23062 { # EnvVar represents an environment variable present in a Container. 23063 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23064 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23065 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23066 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23067 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23068 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23069 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23070 }, 23071 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23072 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23073 }, 23074 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23075 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 23076 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23077 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23078 }, 23079 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 23080 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 23081 }, 23082 }, 23083 }, 23084 ], 23085 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 23086 { # EnvFromSource represents the source of a set of ConfigMaps 23087 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 23088 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23089 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23090 }, 23091 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 23092 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 23093 }, 23094 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 23095 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 23096 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23097 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23098 }, 23099 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 23100 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 23101 }, 23102 }, 23103 ], 23104 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 23105 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 23106 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 23107 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23108 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23109 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23110 "A String", 23111 ], 23112 }, 23113 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23114 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23115 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23116 { # HTTPHeader describes a custom header to be used in HTTP probes 23117 "name": "A String", # The header field name 23118 "value": "A String", # The header field value 23119 }, 23120 ], 23121 "path": "A String", # Path to access on the HTTP server. +optional 23122 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23123 "intVal": 42, # The int value. 23124 "strVal": "A String", # The string value. 23125 "type": 42, # The type of the value. 23126 }, 23127 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23128 }, 23129 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23130 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23131 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23132 "intVal": 42, # The int value. 23133 "strVal": "A String", # The string value. 23134 "type": 42, # The type of the value. 23135 }, 23136 }, 23137 }, 23138 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23139 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23140 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23141 "A String", 23142 ], 23143 }, 23144 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23145 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23146 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23147 { # HTTPHeader describes a custom header to be used in HTTP probes 23148 "name": "A String", # The header field name 23149 "value": "A String", # The header field value 23150 }, 23151 ], 23152 "path": "A String", # Path to access on the HTTP server. +optional 23153 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23154 "intVal": 42, # The int value. 23155 "strVal": "A String", # The string value. 23156 "type": 42, # The type of the value. 23157 }, 23158 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23159 }, 23160 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23161 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23162 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23163 "intVal": 42, # The int value. 23164 "strVal": "A String", # The string value. 23165 "type": 42, # The type of the value. 23166 }, 23167 }, 23168 }, 23169 }, 23170 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23171 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23172 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23173 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23174 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23175 "A String", 23176 ], 23177 }, 23178 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23179 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23180 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23181 { # HTTPHeader describes a custom header to be used in HTTP probes 23182 "name": "A String", # The header field name 23183 "value": "A String", # The header field value 23184 }, 23185 ], 23186 "path": "A String", # Path to access on the HTTP server. +optional 23187 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23188 "intVal": 42, # The int value. 23189 "strVal": "A String", # The string value. 23190 "type": 42, # The type of the value. 23191 }, 23192 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23193 }, 23194 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23195 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23196 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23197 "intVal": 42, # The int value. 23198 "strVal": "A String", # The string value. 23199 "type": 42, # The type of the value. 23200 }, 23201 }, 23202 }, 23203 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23204 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23205 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23206 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23207 }, 23208 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 23209 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 23210 { # ContainerPort represents a network port in a single container. 23211 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 23212 "hostIP": "A String", # What host IP to bind the external port to. +optional 23213 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 23214 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 23215 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 23216 }, 23217 ], 23218 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23219 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23220 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23221 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23222 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23223 "A String", 23224 ], 23225 }, 23226 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23227 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23228 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23229 { # HTTPHeader describes a custom header to be used in HTTP probes 23230 "name": "A String", # The header field name 23231 "value": "A String", # The header field value 23232 }, 23233 ], 23234 "path": "A String", # Path to access on the HTTP server. +optional 23235 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23236 "intVal": 42, # The int value. 23237 "strVal": "A String", # The string value. 23238 "type": 42, # The type of the value. 23239 }, 23240 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23241 }, 23242 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23243 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23244 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23245 "intVal": 42, # The int value. 23246 "strVal": "A String", # The string value. 23247 "type": 42, # The type of the value. 23248 }, 23249 }, 23250 }, 23251 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23252 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23253 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23254 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23255 }, 23256 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 23257 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23258 "a_key": "A String", 23259 }, 23260 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 23261 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23262 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23263 }, 23264 }, 23265 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23266 "a_key": "A String", 23267 }, 23268 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 23269 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23270 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23271 }, 23272 }, 23273 }, 23274 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 23275 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 23276 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 23277 "add": [ # Added capabilities +optional 23278 "A String", 23279 ], 23280 "drop": [ # Removed capabilities +optional 23281 "A String", 23282 ], 23283 }, 23284 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 23285 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 23286 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23287 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23288 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23289 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23290 "level": "A String", # Level is SELinux level label that applies to the container. +optional 23291 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 23292 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 23293 "user": "A String", # User is a SELinux user label that applies to the container. +optional 23294 }, 23295 }, 23296 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 23297 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 23298 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 23299 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 23300 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 23301 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 23302 { # volumeDevice describes a mapping of a raw block device within a container. 23303 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 23304 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 23305 }, 23306 ], 23307 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 23308 { # VolumeMount describes a mounting of a Volume within a container. 23309 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 23310 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 23311 "name": "A String", # This must match the Name of a Volume. 23312 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 23313 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 23314 }, 23315 ], 23316 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 23317 }, 23318 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 23319 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 23320 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 23321 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23322 "A String", 23323 ], 23324 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23325 "A String", 23326 ], 23327 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23328 { # EnvVar represents an environment variable present in a Container. 23329 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23330 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23331 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23332 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23333 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23334 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23335 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23336 }, 23337 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23338 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23339 }, 23340 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23341 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 23342 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23343 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23344 }, 23345 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 23346 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 23347 }, 23348 }, 23349 }, 23350 ], 23351 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 23352 { # EnvFromSource represents the source of a set of ConfigMaps 23353 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 23354 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23355 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23356 }, 23357 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 23358 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 23359 }, 23360 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 23361 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 23362 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23363 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23364 }, 23365 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 23366 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 23367 }, 23368 }, 23369 ], 23370 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 23371 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 23372 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 23373 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23374 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23375 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23376 "A String", 23377 ], 23378 }, 23379 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23380 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23381 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23382 { # HTTPHeader describes a custom header to be used in HTTP probes 23383 "name": "A String", # The header field name 23384 "value": "A String", # The header field value 23385 }, 23386 ], 23387 "path": "A String", # Path to access on the HTTP server. +optional 23388 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23389 "intVal": 42, # The int value. 23390 "strVal": "A String", # The string value. 23391 "type": 42, # The type of the value. 23392 }, 23393 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23394 }, 23395 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23396 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23397 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23398 "intVal": 42, # The int value. 23399 "strVal": "A String", # The string value. 23400 "type": 42, # The type of the value. 23401 }, 23402 }, 23403 }, 23404 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23405 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23406 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23407 "A String", 23408 ], 23409 }, 23410 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23411 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23412 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23413 { # HTTPHeader describes a custom header to be used in HTTP probes 23414 "name": "A String", # The header field name 23415 "value": "A String", # The header field value 23416 }, 23417 ], 23418 "path": "A String", # Path to access on the HTTP server. +optional 23419 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23420 "intVal": 42, # The int value. 23421 "strVal": "A String", # The string value. 23422 "type": 42, # The type of the value. 23423 }, 23424 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23425 }, 23426 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23427 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23428 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23429 "intVal": 42, # The int value. 23430 "strVal": "A String", # The string value. 23431 "type": 42, # The type of the value. 23432 }, 23433 }, 23434 }, 23435 }, 23436 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23437 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23438 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23439 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23440 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23441 "A String", 23442 ], 23443 }, 23444 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23445 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23446 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23447 { # HTTPHeader describes a custom header to be used in HTTP probes 23448 "name": "A String", # The header field name 23449 "value": "A String", # The header field value 23450 }, 23451 ], 23452 "path": "A String", # Path to access on the HTTP server. +optional 23453 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23454 "intVal": 42, # The int value. 23455 "strVal": "A String", # The string value. 23456 "type": 42, # The type of the value. 23457 }, 23458 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23459 }, 23460 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23461 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23462 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23463 "intVal": 42, # The int value. 23464 "strVal": "A String", # The string value. 23465 "type": 42, # The type of the value. 23466 }, 23467 }, 23468 }, 23469 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23470 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23471 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23472 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23473 }, 23474 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 23475 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 23476 { # ContainerPort represents a network port in a single container. 23477 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 23478 "hostIP": "A String", # What host IP to bind the external port to. +optional 23479 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 23480 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 23481 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 23482 }, 23483 ], 23484 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23485 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23486 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23487 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23488 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23489 "A String", 23490 ], 23491 }, 23492 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23493 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23494 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23495 { # HTTPHeader describes a custom header to be used in HTTP probes 23496 "name": "A String", # The header field name 23497 "value": "A String", # The header field value 23498 }, 23499 ], 23500 "path": "A String", # Path to access on the HTTP server. +optional 23501 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23502 "intVal": 42, # The int value. 23503 "strVal": "A String", # The string value. 23504 "type": 42, # The type of the value. 23505 }, 23506 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23507 }, 23508 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23509 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23510 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23511 "intVal": 42, # The int value. 23512 "strVal": "A String", # The string value. 23513 "type": 42, # The type of the value. 23514 }, 23515 }, 23516 }, 23517 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23518 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23519 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23520 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23521 }, 23522 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 23523 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23524 "a_key": "A String", 23525 }, 23526 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 23527 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23528 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23529 }, 23530 }, 23531 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23532 "a_key": "A String", 23533 }, 23534 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 23535 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23536 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23537 }, 23538 }, 23539 }, 23540 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 23541 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 23542 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 23543 "add": [ # Added capabilities +optional 23544 "A String", 23545 ], 23546 "drop": [ # Removed capabilities +optional 23547 "A String", 23548 ], 23549 }, 23550 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 23551 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 23552 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23553 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23554 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23555 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23556 "level": "A String", # Level is SELinux level label that applies to the container. +optional 23557 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 23558 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 23559 "user": "A String", # User is a SELinux user label that applies to the container. +optional 23560 }, 23561 }, 23562 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 23563 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 23564 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 23565 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 23566 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 23567 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 23568 { # volumeDevice describes a mapping of a raw block device within a container. 23569 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 23570 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 23571 }, 23572 ], 23573 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 23574 { # VolumeMount describes a mounting of a Volume within a container. 23575 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 23576 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 23577 "name": "A String", # This must match the Name of a Volume. 23578 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 23579 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 23580 }, 23581 ], 23582 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 23583 }, 23584 ], 23585 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 23586 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 23587 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 23588 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 23589 "volumes": [ 23590 { # Volume represents a named volume in a container. 23591 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 23592 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 23593 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 23594 { # Maps a string key to a path within a volume. 23595 "key": "A String", # The key to project. 23596 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 23597 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 23598 }, 23599 ], 23600 "name": "A String", # Name of the config. 23601 "optional": True or False, # Specify whether the Secret or its keys must be defined. 23602 }, 23603 "name": "A String", # Volume's name. 23604 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 23605 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 23606 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 23607 { # Maps a string key to a path within a volume. 23608 "key": "A String", # The key to project. 23609 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 23610 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 23611 }, 23612 ], 23613 "optional": True or False, # Specify whether the Secret or its keys must be defined. 23614 "secretName": "A String", # Name of the secret in the container's namespace to use. 23615 }, 23616 }, 23617 ], 23618 }, 23619 }, 23620 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 23621 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 23622 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 23623 "a_key": "A String", 23624 }, 23625 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 23626 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23627 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 23628 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23629 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 23630 "A String", 23631 ], 23632 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 23633 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 23634 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 23635 "a_key": "A String", 23636 }, 23637 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 23638 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 23639 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 23640 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 23641 "apiVersion": "A String", # API version of the referent. 23642 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 23643 "controller": True or False, # If true, this reference points to the managing controller. +optional 23644 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 23645 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 23646 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 23647 }, 23648 ], 23649 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 23650 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 23651 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 23652 }, 23653 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 23654 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 23655 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 23656 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23657 "A String", 23658 ], 23659 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23660 "A String", 23661 ], 23662 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23663 { # EnvVar represents an environment variable present in a Container. 23664 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23665 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23666 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23667 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23668 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23669 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23670 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23671 }, 23672 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23673 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23674 }, 23675 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23676 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 23677 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23678 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23679 }, 23680 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 23681 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 23682 }, 23683 }, 23684 }, 23685 ], 23686 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 23687 { # EnvFromSource represents the source of a set of ConfigMaps 23688 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 23689 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23690 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23691 }, 23692 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 23693 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 23694 }, 23695 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 23696 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 23697 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23698 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23699 }, 23700 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 23701 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 23702 }, 23703 }, 23704 ], 23705 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 23706 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 23707 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 23708 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23709 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23710 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23711 "A String", 23712 ], 23713 }, 23714 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23715 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23716 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23717 { # HTTPHeader describes a custom header to be used in HTTP probes 23718 "name": "A String", # The header field name 23719 "value": "A String", # The header field value 23720 }, 23721 ], 23722 "path": "A String", # Path to access on the HTTP server. +optional 23723 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23724 "intVal": 42, # The int value. 23725 "strVal": "A String", # The string value. 23726 "type": 42, # The type of the value. 23727 }, 23728 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23729 }, 23730 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23731 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23732 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23733 "intVal": 42, # The int value. 23734 "strVal": "A String", # The string value. 23735 "type": 42, # The type of the value. 23736 }, 23737 }, 23738 }, 23739 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23740 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23741 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23742 "A String", 23743 ], 23744 }, 23745 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23746 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23747 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23748 { # HTTPHeader describes a custom header to be used in HTTP probes 23749 "name": "A String", # The header field name 23750 "value": "A String", # The header field value 23751 }, 23752 ], 23753 "path": "A String", # Path to access on the HTTP server. +optional 23754 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23755 "intVal": 42, # The int value. 23756 "strVal": "A String", # The string value. 23757 "type": 42, # The type of the value. 23758 }, 23759 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23760 }, 23761 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23762 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23763 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23764 "intVal": 42, # The int value. 23765 "strVal": "A String", # The string value. 23766 "type": 42, # The type of the value. 23767 }, 23768 }, 23769 }, 23770 }, 23771 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23772 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23773 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23774 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23775 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23776 "A String", 23777 ], 23778 }, 23779 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23780 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23781 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23782 { # HTTPHeader describes a custom header to be used in HTTP probes 23783 "name": "A String", # The header field name 23784 "value": "A String", # The header field value 23785 }, 23786 ], 23787 "path": "A String", # Path to access on the HTTP server. +optional 23788 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23789 "intVal": 42, # The int value. 23790 "strVal": "A String", # The string value. 23791 "type": 42, # The type of the value. 23792 }, 23793 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23794 }, 23795 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23796 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23797 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23798 "intVal": 42, # The int value. 23799 "strVal": "A String", # The string value. 23800 "type": 42, # The type of the value. 23801 }, 23802 }, 23803 }, 23804 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23805 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23806 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23807 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23808 }, 23809 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 23810 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 23811 { # ContainerPort represents a network port in a single container. 23812 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 23813 "hostIP": "A String", # What host IP to bind the external port to. +optional 23814 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 23815 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 23816 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 23817 }, 23818 ], 23819 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23820 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23821 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23822 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23823 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23824 "A String", 23825 ], 23826 }, 23827 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23828 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23829 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23830 { # HTTPHeader describes a custom header to be used in HTTP probes 23831 "name": "A String", # The header field name 23832 "value": "A String", # The header field value 23833 }, 23834 ], 23835 "path": "A String", # Path to access on the HTTP server. +optional 23836 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23837 "intVal": 42, # The int value. 23838 "strVal": "A String", # The string value. 23839 "type": 42, # The type of the value. 23840 }, 23841 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23842 }, 23843 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23844 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23845 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23846 "intVal": 42, # The int value. 23847 "strVal": "A String", # The string value. 23848 "type": 42, # The type of the value. 23849 }, 23850 }, 23851 }, 23852 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23853 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23854 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23855 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23856 }, 23857 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 23858 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23859 "a_key": "A String", 23860 }, 23861 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 23862 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23863 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23864 }, 23865 }, 23866 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23867 "a_key": "A String", 23868 }, 23869 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 23870 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23871 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23872 }, 23873 }, 23874 }, 23875 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 23876 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 23877 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 23878 "add": [ # Added capabilities +optional 23879 "A String", 23880 ], 23881 "drop": [ # Removed capabilities +optional 23882 "A String", 23883 ], 23884 }, 23885 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 23886 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 23887 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23888 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23889 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23890 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23891 "level": "A String", # Level is SELinux level label that applies to the container. +optional 23892 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 23893 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 23894 "user": "A String", # User is a SELinux user label that applies to the container. +optional 23895 }, 23896 }, 23897 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 23898 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 23899 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 23900 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 23901 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 23902 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 23903 { # volumeDevice describes a mapping of a raw block device within a container. 23904 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 23905 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 23906 }, 23907 ], 23908 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 23909 { # VolumeMount describes a mounting of a Volume within a container. 23910 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 23911 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 23912 "name": "A String", # This must match the Name of a Volume. 23913 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 23914 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 23915 }, 23916 ], 23917 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 23918 }, 23919 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 23920 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 23921 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 23922 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23923 "A String", 23924 ], 23925 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23926 "A String", 23927 ], 23928 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23929 { # EnvVar represents an environment variable present in a Container. 23930 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23931 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23932 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23933 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23934 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23935 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23936 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23937 }, 23938 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23939 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23940 }, 23941 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23942 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 23943 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23944 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23945 }, 23946 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 23947 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 23948 }, 23949 }, 23950 }, 23951 ], 23952 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 23953 { # EnvFromSource represents the source of a set of ConfigMaps 23954 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 23955 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23956 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23957 }, 23958 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 23959 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 23960 }, 23961 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 23962 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 23963 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23964 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23965 }, 23966 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 23967 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 23968 }, 23969 }, 23970 ], 23971 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 23972 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 23973 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 23974 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23975 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23976 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23977 "A String", 23978 ], 23979 }, 23980 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23981 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23982 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23983 { # HTTPHeader describes a custom header to be used in HTTP probes 23984 "name": "A String", # The header field name 23985 "value": "A String", # The header field value 23986 }, 23987 ], 23988 "path": "A String", # Path to access on the HTTP server. +optional 23989 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23990 "intVal": 42, # The int value. 23991 "strVal": "A String", # The string value. 23992 "type": 42, # The type of the value. 23993 }, 23994 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23995 }, 23996 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23997 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23998 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23999 "intVal": 42, # The int value. 24000 "strVal": "A String", # The string value. 24001 "type": 42, # The type of the value. 24002 }, 24003 }, 24004 }, 24005 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24006 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24007 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24008 "A String", 24009 ], 24010 }, 24011 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24012 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24013 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24014 { # HTTPHeader describes a custom header to be used in HTTP probes 24015 "name": "A String", # The header field name 24016 "value": "A String", # The header field value 24017 }, 24018 ], 24019 "path": "A String", # Path to access on the HTTP server. +optional 24020 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24021 "intVal": 42, # The int value. 24022 "strVal": "A String", # The string value. 24023 "type": 42, # The type of the value. 24024 }, 24025 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24026 }, 24027 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24028 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24029 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24030 "intVal": 42, # The int value. 24031 "strVal": "A String", # The string value. 24032 "type": 42, # The type of the value. 24033 }, 24034 }, 24035 }, 24036 }, 24037 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24038 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24039 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24040 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24041 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24042 "A String", 24043 ], 24044 }, 24045 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24046 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24047 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24048 { # HTTPHeader describes a custom header to be used in HTTP probes 24049 "name": "A String", # The header field name 24050 "value": "A String", # The header field value 24051 }, 24052 ], 24053 "path": "A String", # Path to access on the HTTP server. +optional 24054 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24055 "intVal": 42, # The int value. 24056 "strVal": "A String", # The string value. 24057 "type": 42, # The type of the value. 24058 }, 24059 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24060 }, 24061 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24062 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24063 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24064 "intVal": 42, # The int value. 24065 "strVal": "A String", # The string value. 24066 "type": 42, # The type of the value. 24067 }, 24068 }, 24069 }, 24070 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24071 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24072 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24073 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24074 }, 24075 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 24076 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 24077 { # ContainerPort represents a network port in a single container. 24078 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 24079 "hostIP": "A String", # What host IP to bind the external port to. +optional 24080 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 24081 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 24082 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 24083 }, 24084 ], 24085 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24086 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24087 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24088 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24089 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24090 "A String", 24091 ], 24092 }, 24093 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24094 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24095 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24096 { # HTTPHeader describes a custom header to be used in HTTP probes 24097 "name": "A String", # The header field name 24098 "value": "A String", # The header field value 24099 }, 24100 ], 24101 "path": "A String", # Path to access on the HTTP server. +optional 24102 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24103 "intVal": 42, # The int value. 24104 "strVal": "A String", # The string value. 24105 "type": 42, # The type of the value. 24106 }, 24107 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24108 }, 24109 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24110 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24111 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24112 "intVal": 42, # The int value. 24113 "strVal": "A String", # The string value. 24114 "type": 42, # The type of the value. 24115 }, 24116 }, 24117 }, 24118 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24119 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24120 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24121 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24122 }, 24123 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 24124 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24125 "a_key": "A String", 24126 }, 24127 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 24128 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24129 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24130 }, 24131 }, 24132 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24133 "a_key": "A String", 24134 }, 24135 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 24136 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24137 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24138 }, 24139 }, 24140 }, 24141 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 24142 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 24143 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 24144 "add": [ # Added capabilities +optional 24145 "A String", 24146 ], 24147 "drop": [ # Removed capabilities +optional 24148 "A String", 24149 ], 24150 }, 24151 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 24152 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 24153 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24154 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24155 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24156 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24157 "level": "A String", # Level is SELinux level label that applies to the container. +optional 24158 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 24159 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 24160 "user": "A String", # User is a SELinux user label that applies to the container. +optional 24161 }, 24162 }, 24163 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 24164 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 24165 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 24166 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 24167 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 24168 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 24169 { # volumeDevice describes a mapping of a raw block device within a container. 24170 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 24171 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 24172 }, 24173 ], 24174 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 24175 { # VolumeMount describes a mounting of a Volume within a container. 24176 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 24177 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 24178 "name": "A String", # This must match the Name of a Volume. 24179 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 24180 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 24181 }, 24182 ], 24183 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 24184 }, 24185 ], 24186 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 24187 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 24188 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 24189 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 24190 "volumes": [ 24191 { # Volume represents a named volume in a container. 24192 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 24193 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24194 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24195 { # Maps a string key to a path within a volume. 24196 "key": "A String", # The key to project. 24197 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24198 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24199 }, 24200 ], 24201 "name": "A String", # Name of the config. 24202 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24203 }, 24204 "name": "A String", # Volume's name. 24205 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 24206 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24207 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24208 { # Maps a string key to a path within a volume. 24209 "key": "A String", # The key to project. 24210 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24211 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24212 }, 24213 ], 24214 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24215 "secretName": "A String", # Name of the secret in the container's namespace to use. 24216 }, 24217 }, 24218 ], 24219 }, 24220 }, 24221 }, 24222 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 24223 "A String", 24224 ], 24225 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 24226 }, 24227 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 24228 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 24229 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 24230 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 24231 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 24232 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 24233 "a_key": "A String", 24234 }, 24235 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 24236 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24237 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 24238 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24239 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 24240 "A String", 24241 ], 24242 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 24243 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 24244 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 24245 "a_key": "A String", 24246 }, 24247 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 24248 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 24249 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 24250 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 24251 "apiVersion": "A String", # API version of the referent. 24252 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 24253 "controller": True or False, # If true, this reference points to the managing controller. +optional 24254 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 24255 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 24256 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 24257 }, 24258 ], 24259 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 24260 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 24261 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 24262 }, 24263 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 24264 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 24265 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 24266 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24267 "A String", 24268 ], 24269 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24270 "A String", 24271 ], 24272 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 24273 { # EnvVar represents an environment variable present in a Container. 24274 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 24275 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 24276 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 24277 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 24278 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 24279 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24280 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24281 }, 24282 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 24283 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 24284 }, 24285 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 24286 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 24287 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24288 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24289 }, 24290 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 24291 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 24292 }, 24293 }, 24294 }, 24295 ], 24296 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 24297 { # EnvFromSource represents the source of a set of ConfigMaps 24298 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 24299 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24300 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24301 }, 24302 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 24303 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 24304 }, 24305 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 24306 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 24307 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24308 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24309 }, 24310 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 24311 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 24312 }, 24313 }, 24314 ], 24315 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 24316 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 24317 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 24318 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24319 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24320 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24321 "A String", 24322 ], 24323 }, 24324 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24325 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24326 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24327 { # HTTPHeader describes a custom header to be used in HTTP probes 24328 "name": "A String", # The header field name 24329 "value": "A String", # The header field value 24330 }, 24331 ], 24332 "path": "A String", # Path to access on the HTTP server. +optional 24333 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24334 "intVal": 42, # The int value. 24335 "strVal": "A String", # The string value. 24336 "type": 42, # The type of the value. 24337 }, 24338 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24339 }, 24340 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24341 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24342 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24343 "intVal": 42, # The int value. 24344 "strVal": "A String", # The string value. 24345 "type": 42, # The type of the value. 24346 }, 24347 }, 24348 }, 24349 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24350 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24351 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24352 "A String", 24353 ], 24354 }, 24355 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24356 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24357 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24358 { # HTTPHeader describes a custom header to be used in HTTP probes 24359 "name": "A String", # The header field name 24360 "value": "A String", # The header field value 24361 }, 24362 ], 24363 "path": "A String", # Path to access on the HTTP server. +optional 24364 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24365 "intVal": 42, # The int value. 24366 "strVal": "A String", # The string value. 24367 "type": 42, # The type of the value. 24368 }, 24369 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24370 }, 24371 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24372 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24373 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24374 "intVal": 42, # The int value. 24375 "strVal": "A String", # The string value. 24376 "type": 42, # The type of the value. 24377 }, 24378 }, 24379 }, 24380 }, 24381 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24382 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24383 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24384 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24385 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24386 "A String", 24387 ], 24388 }, 24389 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24390 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24391 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24392 { # HTTPHeader describes a custom header to be used in HTTP probes 24393 "name": "A String", # The header field name 24394 "value": "A String", # The header field value 24395 }, 24396 ], 24397 "path": "A String", # Path to access on the HTTP server. +optional 24398 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24399 "intVal": 42, # The int value. 24400 "strVal": "A String", # The string value. 24401 "type": 42, # The type of the value. 24402 }, 24403 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24404 }, 24405 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24406 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24407 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24408 "intVal": 42, # The int value. 24409 "strVal": "A String", # The string value. 24410 "type": 42, # The type of the value. 24411 }, 24412 }, 24413 }, 24414 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24415 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24416 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24417 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24418 }, 24419 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 24420 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 24421 { # ContainerPort represents a network port in a single container. 24422 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 24423 "hostIP": "A String", # What host IP to bind the external port to. +optional 24424 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 24425 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 24426 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 24427 }, 24428 ], 24429 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24430 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24431 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24432 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24433 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24434 "A String", 24435 ], 24436 }, 24437 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24438 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24439 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24440 { # HTTPHeader describes a custom header to be used in HTTP probes 24441 "name": "A String", # The header field name 24442 "value": "A String", # The header field value 24443 }, 24444 ], 24445 "path": "A String", # Path to access on the HTTP server. +optional 24446 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24447 "intVal": 42, # The int value. 24448 "strVal": "A String", # The string value. 24449 "type": 42, # The type of the value. 24450 }, 24451 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24452 }, 24453 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24454 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24455 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24456 "intVal": 42, # The int value. 24457 "strVal": "A String", # The string value. 24458 "type": 42, # The type of the value. 24459 }, 24460 }, 24461 }, 24462 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24463 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24464 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24465 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24466 }, 24467 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 24468 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24469 "a_key": "A String", 24470 }, 24471 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 24472 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24473 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24474 }, 24475 }, 24476 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24477 "a_key": "A String", 24478 }, 24479 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 24480 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24481 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24482 }, 24483 }, 24484 }, 24485 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 24486 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 24487 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 24488 "add": [ # Added capabilities +optional 24489 "A String", 24490 ], 24491 "drop": [ # Removed capabilities +optional 24492 "A String", 24493 ], 24494 }, 24495 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 24496 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 24497 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24498 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24499 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24500 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24501 "level": "A String", # Level is SELinux level label that applies to the container. +optional 24502 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 24503 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 24504 "user": "A String", # User is a SELinux user label that applies to the container. +optional 24505 }, 24506 }, 24507 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 24508 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 24509 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 24510 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 24511 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 24512 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 24513 { # volumeDevice describes a mapping of a raw block device within a container. 24514 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 24515 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 24516 }, 24517 ], 24518 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 24519 { # VolumeMount describes a mounting of a Volume within a container. 24520 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 24521 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 24522 "name": "A String", # This must match the Name of a Volume. 24523 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 24524 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 24525 }, 24526 ], 24527 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 24528 }, 24529 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 24530 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 24531 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 24532 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24533 "A String", 24534 ], 24535 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24536 "A String", 24537 ], 24538 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 24539 { # EnvVar represents an environment variable present in a Container. 24540 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 24541 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 24542 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 24543 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 24544 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 24545 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24546 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24547 }, 24548 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 24549 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 24550 }, 24551 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 24552 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 24553 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24554 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24555 }, 24556 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 24557 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 24558 }, 24559 }, 24560 }, 24561 ], 24562 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 24563 { # EnvFromSource represents the source of a set of ConfigMaps 24564 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 24565 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24566 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24567 }, 24568 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 24569 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 24570 }, 24571 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 24572 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 24573 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24574 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24575 }, 24576 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 24577 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 24578 }, 24579 }, 24580 ], 24581 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 24582 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 24583 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 24584 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24585 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24586 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24587 "A String", 24588 ], 24589 }, 24590 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24591 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24592 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24593 { # HTTPHeader describes a custom header to be used in HTTP probes 24594 "name": "A String", # The header field name 24595 "value": "A String", # The header field value 24596 }, 24597 ], 24598 "path": "A String", # Path to access on the HTTP server. +optional 24599 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24600 "intVal": 42, # The int value. 24601 "strVal": "A String", # The string value. 24602 "type": 42, # The type of the value. 24603 }, 24604 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24605 }, 24606 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24607 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24608 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24609 "intVal": 42, # The int value. 24610 "strVal": "A String", # The string value. 24611 "type": 42, # The type of the value. 24612 }, 24613 }, 24614 }, 24615 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24616 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24617 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24618 "A String", 24619 ], 24620 }, 24621 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24622 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24623 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24624 { # HTTPHeader describes a custom header to be used in HTTP probes 24625 "name": "A String", # The header field name 24626 "value": "A String", # The header field value 24627 }, 24628 ], 24629 "path": "A String", # Path to access on the HTTP server. +optional 24630 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24631 "intVal": 42, # The int value. 24632 "strVal": "A String", # The string value. 24633 "type": 42, # The type of the value. 24634 }, 24635 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24636 }, 24637 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24638 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24639 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24640 "intVal": 42, # The int value. 24641 "strVal": "A String", # The string value. 24642 "type": 42, # The type of the value. 24643 }, 24644 }, 24645 }, 24646 }, 24647 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24648 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24649 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24650 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24651 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24652 "A String", 24653 ], 24654 }, 24655 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24656 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24657 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24658 { # HTTPHeader describes a custom header to be used in HTTP probes 24659 "name": "A String", # The header field name 24660 "value": "A String", # The header field value 24661 }, 24662 ], 24663 "path": "A String", # Path to access on the HTTP server. +optional 24664 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24665 "intVal": 42, # The int value. 24666 "strVal": "A String", # The string value. 24667 "type": 42, # The type of the value. 24668 }, 24669 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24670 }, 24671 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24672 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24673 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24674 "intVal": 42, # The int value. 24675 "strVal": "A String", # The string value. 24676 "type": 42, # The type of the value. 24677 }, 24678 }, 24679 }, 24680 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24681 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24682 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24683 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24684 }, 24685 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 24686 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 24687 { # ContainerPort represents a network port in a single container. 24688 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 24689 "hostIP": "A String", # What host IP to bind the external port to. +optional 24690 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 24691 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 24692 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 24693 }, 24694 ], 24695 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24696 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24697 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24698 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24699 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24700 "A String", 24701 ], 24702 }, 24703 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24704 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24705 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24706 { # HTTPHeader describes a custom header to be used in HTTP probes 24707 "name": "A String", # The header field name 24708 "value": "A String", # The header field value 24709 }, 24710 ], 24711 "path": "A String", # Path to access on the HTTP server. +optional 24712 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24713 "intVal": 42, # The int value. 24714 "strVal": "A String", # The string value. 24715 "type": 42, # The type of the value. 24716 }, 24717 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24718 }, 24719 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24720 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24721 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24722 "intVal": 42, # The int value. 24723 "strVal": "A String", # The string value. 24724 "type": 42, # The type of the value. 24725 }, 24726 }, 24727 }, 24728 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24729 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24730 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24731 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24732 }, 24733 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 24734 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24735 "a_key": "A String", 24736 }, 24737 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 24738 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24739 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24740 }, 24741 }, 24742 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24743 "a_key": "A String", 24744 }, 24745 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 24746 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24747 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24748 }, 24749 }, 24750 }, 24751 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 24752 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 24753 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 24754 "add": [ # Added capabilities +optional 24755 "A String", 24756 ], 24757 "drop": [ # Removed capabilities +optional 24758 "A String", 24759 ], 24760 }, 24761 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 24762 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 24763 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24764 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24765 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24766 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24767 "level": "A String", # Level is SELinux level label that applies to the container. +optional 24768 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 24769 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 24770 "user": "A String", # User is a SELinux user label that applies to the container. +optional 24771 }, 24772 }, 24773 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 24774 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 24775 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 24776 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 24777 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 24778 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 24779 { # volumeDevice describes a mapping of a raw block device within a container. 24780 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 24781 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 24782 }, 24783 ], 24784 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 24785 { # VolumeMount describes a mounting of a Volume within a container. 24786 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 24787 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 24788 "name": "A String", # This must match the Name of a Volume. 24789 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 24790 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 24791 }, 24792 ], 24793 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 24794 }, 24795 ], 24796 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 24797 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 24798 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 24799 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 24800 "volumes": [ 24801 { # Volume represents a named volume in a container. 24802 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 24803 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24804 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24805 { # Maps a string key to a path within a volume. 24806 "key": "A String", # The key to project. 24807 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24808 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24809 }, 24810 ], 24811 "name": "A String", # Name of the config. 24812 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24813 }, 24814 "name": "A String", # Volume's name. 24815 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 24816 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24817 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24818 { # Maps a string key to a path within a volume. 24819 "key": "A String", # The key to project. 24820 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24821 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24822 }, 24823 ], 24824 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24825 "secretName": "A String", # Name of the secret in the container's namespace to use. 24826 }, 24827 }, 24828 ], 24829 }, 24830 }, 24831 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 24832 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 24833 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 24834 "a_key": "A String", 24835 }, 24836 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 24837 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24838 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 24839 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24840 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 24841 "A String", 24842 ], 24843 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 24844 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 24845 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 24846 "a_key": "A String", 24847 }, 24848 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 24849 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 24850 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 24851 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 24852 "apiVersion": "A String", # API version of the referent. 24853 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 24854 "controller": True or False, # If true, this reference points to the managing controller. +optional 24855 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 24856 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 24857 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 24858 }, 24859 ], 24860 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 24861 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 24862 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 24863 }, 24864 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 24865 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 24866 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 24867 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24868 "A String", 24869 ], 24870 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24871 "A String", 24872 ], 24873 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 24874 { # EnvVar represents an environment variable present in a Container. 24875 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 24876 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 24877 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 24878 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 24879 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 24880 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24881 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24882 }, 24883 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 24884 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 24885 }, 24886 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 24887 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 24888 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24889 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24890 }, 24891 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 24892 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 24893 }, 24894 }, 24895 }, 24896 ], 24897 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 24898 { # EnvFromSource represents the source of a set of ConfigMaps 24899 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 24900 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24901 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24902 }, 24903 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 24904 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 24905 }, 24906 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 24907 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 24908 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24909 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24910 }, 24911 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 24912 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 24913 }, 24914 }, 24915 ], 24916 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 24917 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 24918 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 24919 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24920 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24921 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24922 "A String", 24923 ], 24924 }, 24925 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24926 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24927 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24928 { # HTTPHeader describes a custom header to be used in HTTP probes 24929 "name": "A String", # The header field name 24930 "value": "A String", # The header field value 24931 }, 24932 ], 24933 "path": "A String", # Path to access on the HTTP server. +optional 24934 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24935 "intVal": 42, # The int value. 24936 "strVal": "A String", # The string value. 24937 "type": 42, # The type of the value. 24938 }, 24939 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24940 }, 24941 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24942 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24943 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24944 "intVal": 42, # The int value. 24945 "strVal": "A String", # The string value. 24946 "type": 42, # The type of the value. 24947 }, 24948 }, 24949 }, 24950 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24951 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24952 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24953 "A String", 24954 ], 24955 }, 24956 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24957 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24958 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24959 { # HTTPHeader describes a custom header to be used in HTTP probes 24960 "name": "A String", # The header field name 24961 "value": "A String", # The header field value 24962 }, 24963 ], 24964 "path": "A String", # Path to access on the HTTP server. +optional 24965 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24966 "intVal": 42, # The int value. 24967 "strVal": "A String", # The string value. 24968 "type": 42, # The type of the value. 24969 }, 24970 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24971 }, 24972 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24973 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24974 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24975 "intVal": 42, # The int value. 24976 "strVal": "A String", # The string value. 24977 "type": 42, # The type of the value. 24978 }, 24979 }, 24980 }, 24981 }, 24982 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24983 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24984 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24985 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24986 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24987 "A String", 24988 ], 24989 }, 24990 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24991 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24992 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24993 { # HTTPHeader describes a custom header to be used in HTTP probes 24994 "name": "A String", # The header field name 24995 "value": "A String", # The header field value 24996 }, 24997 ], 24998 "path": "A String", # Path to access on the HTTP server. +optional 24999 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25000 "intVal": 42, # The int value. 25001 "strVal": "A String", # The string value. 25002 "type": 42, # The type of the value. 25003 }, 25004 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25005 }, 25006 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25007 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25008 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25009 "intVal": 42, # The int value. 25010 "strVal": "A String", # The string value. 25011 "type": 42, # The type of the value. 25012 }, 25013 }, 25014 }, 25015 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25016 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25017 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25018 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25019 }, 25020 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25021 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25022 { # ContainerPort represents a network port in a single container. 25023 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25024 "hostIP": "A String", # What host IP to bind the external port to. +optional 25025 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25026 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25027 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25028 }, 25029 ], 25030 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25031 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25032 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25033 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25034 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25035 "A String", 25036 ], 25037 }, 25038 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25039 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25040 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25041 { # HTTPHeader describes a custom header to be used in HTTP probes 25042 "name": "A String", # The header field name 25043 "value": "A String", # The header field value 25044 }, 25045 ], 25046 "path": "A String", # Path to access on the HTTP server. +optional 25047 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25048 "intVal": 42, # The int value. 25049 "strVal": "A String", # The string value. 25050 "type": 42, # The type of the value. 25051 }, 25052 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25053 }, 25054 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25055 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25056 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25057 "intVal": 42, # The int value. 25058 "strVal": "A String", # The string value. 25059 "type": 42, # The type of the value. 25060 }, 25061 }, 25062 }, 25063 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25064 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25065 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25066 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25067 }, 25068 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25069 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25070 "a_key": "A String", 25071 }, 25072 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25073 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25074 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25075 }, 25076 }, 25077 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25078 "a_key": "A String", 25079 }, 25080 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 25081 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25082 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25083 }, 25084 }, 25085 }, 25086 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 25087 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 25088 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 25089 "add": [ # Added capabilities +optional 25090 "A String", 25091 ], 25092 "drop": [ # Removed capabilities +optional 25093 "A String", 25094 ], 25095 }, 25096 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 25097 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 25098 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25099 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25100 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25101 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25102 "level": "A String", # Level is SELinux level label that applies to the container. +optional 25103 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 25104 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 25105 "user": "A String", # User is a SELinux user label that applies to the container. +optional 25106 }, 25107 }, 25108 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 25109 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 25110 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 25111 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 25112 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 25113 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 25114 { # volumeDevice describes a mapping of a raw block device within a container. 25115 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 25116 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 25117 }, 25118 ], 25119 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 25120 { # VolumeMount describes a mounting of a Volume within a container. 25121 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 25122 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 25123 "name": "A String", # This must match the Name of a Volume. 25124 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 25125 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 25126 }, 25127 ], 25128 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 25129 }, 25130 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 25131 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 25132 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 25133 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25134 "A String", 25135 ], 25136 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25137 "A String", 25138 ], 25139 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 25140 { # EnvVar represents an environment variable present in a Container. 25141 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 25142 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 25143 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 25144 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 25145 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 25146 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25147 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25148 }, 25149 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 25150 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 25151 }, 25152 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 25153 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 25154 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25155 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25156 }, 25157 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 25158 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 25159 }, 25160 }, 25161 }, 25162 ], 25163 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 25164 { # EnvFromSource represents the source of a set of ConfigMaps 25165 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 25166 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25167 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25168 }, 25169 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 25170 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 25171 }, 25172 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 25173 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 25174 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25175 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25176 }, 25177 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 25178 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 25179 }, 25180 }, 25181 ], 25182 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 25183 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 25184 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 25185 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25186 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25187 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25188 "A String", 25189 ], 25190 }, 25191 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25192 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25193 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25194 { # HTTPHeader describes a custom header to be used in HTTP probes 25195 "name": "A String", # The header field name 25196 "value": "A String", # The header field value 25197 }, 25198 ], 25199 "path": "A String", # Path to access on the HTTP server. +optional 25200 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25201 "intVal": 42, # The int value. 25202 "strVal": "A String", # The string value. 25203 "type": 42, # The type of the value. 25204 }, 25205 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25206 }, 25207 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25208 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25209 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25210 "intVal": 42, # The int value. 25211 "strVal": "A String", # The string value. 25212 "type": 42, # The type of the value. 25213 }, 25214 }, 25215 }, 25216 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25217 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25218 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25219 "A String", 25220 ], 25221 }, 25222 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25223 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25224 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25225 { # HTTPHeader describes a custom header to be used in HTTP probes 25226 "name": "A String", # The header field name 25227 "value": "A String", # The header field value 25228 }, 25229 ], 25230 "path": "A String", # Path to access on the HTTP server. +optional 25231 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25232 "intVal": 42, # The int value. 25233 "strVal": "A String", # The string value. 25234 "type": 42, # The type of the value. 25235 }, 25236 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25237 }, 25238 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25239 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25240 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25241 "intVal": 42, # The int value. 25242 "strVal": "A String", # The string value. 25243 "type": 42, # The type of the value. 25244 }, 25245 }, 25246 }, 25247 }, 25248 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25249 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25250 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25251 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25252 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25253 "A String", 25254 ], 25255 }, 25256 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25257 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25258 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25259 { # HTTPHeader describes a custom header to be used in HTTP probes 25260 "name": "A String", # The header field name 25261 "value": "A String", # The header field value 25262 }, 25263 ], 25264 "path": "A String", # Path to access on the HTTP server. +optional 25265 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25266 "intVal": 42, # The int value. 25267 "strVal": "A String", # The string value. 25268 "type": 42, # The type of the value. 25269 }, 25270 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25271 }, 25272 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25273 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25274 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25275 "intVal": 42, # The int value. 25276 "strVal": "A String", # The string value. 25277 "type": 42, # The type of the value. 25278 }, 25279 }, 25280 }, 25281 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25282 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25283 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25284 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25285 }, 25286 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25287 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25288 { # ContainerPort represents a network port in a single container. 25289 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25290 "hostIP": "A String", # What host IP to bind the external port to. +optional 25291 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25292 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25293 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25294 }, 25295 ], 25296 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25297 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25298 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25299 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25300 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25301 "A String", 25302 ], 25303 }, 25304 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25305 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25306 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25307 { # HTTPHeader describes a custom header to be used in HTTP probes 25308 "name": "A String", # The header field name 25309 "value": "A String", # The header field value 25310 }, 25311 ], 25312 "path": "A String", # Path to access on the HTTP server. +optional 25313 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25314 "intVal": 42, # The int value. 25315 "strVal": "A String", # The string value. 25316 "type": 42, # The type of the value. 25317 }, 25318 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25319 }, 25320 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25321 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25322 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25323 "intVal": 42, # The int value. 25324 "strVal": "A String", # The string value. 25325 "type": 42, # The type of the value. 25326 }, 25327 }, 25328 }, 25329 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25330 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25331 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25332 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25333 }, 25334 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25335 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25336 "a_key": "A String", 25337 }, 25338 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25339 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25340 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25341 }, 25342 }, 25343 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25344 "a_key": "A String", 25345 }, 25346 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 25347 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25348 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25349 }, 25350 }, 25351 }, 25352 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 25353 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 25354 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 25355 "add": [ # Added capabilities +optional 25356 "A String", 25357 ], 25358 "drop": [ # Removed capabilities +optional 25359 "A String", 25360 ], 25361 }, 25362 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 25363 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 25364 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25365 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25366 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25367 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25368 "level": "A String", # Level is SELinux level label that applies to the container. +optional 25369 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 25370 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 25371 "user": "A String", # User is a SELinux user label that applies to the container. +optional 25372 }, 25373 }, 25374 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 25375 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 25376 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 25377 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 25378 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 25379 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 25380 { # volumeDevice describes a mapping of a raw block device within a container. 25381 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 25382 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 25383 }, 25384 ], 25385 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 25386 { # VolumeMount describes a mounting of a Volume within a container. 25387 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 25388 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 25389 "name": "A String", # This must match the Name of a Volume. 25390 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 25391 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 25392 }, 25393 ], 25394 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 25395 }, 25396 ], 25397 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 25398 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 25399 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 25400 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 25401 "volumes": [ 25402 { # Volume represents a named volume in a container. 25403 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 25404 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 25405 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 25406 { # Maps a string key to a path within a volume. 25407 "key": "A String", # The key to project. 25408 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 25409 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 25410 }, 25411 ], 25412 "name": "A String", # Name of the config. 25413 "optional": True or False, # Specify whether the Secret or its keys must be defined. 25414 }, 25415 "name": "A String", # Volume's name. 25416 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 25417 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 25418 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 25419 { # Maps a string key to a path within a volume. 25420 "key": "A String", # The key to project. 25421 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 25422 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 25423 }, 25424 ], 25425 "optional": True or False, # Specify whether the Secret or its keys must be defined. 25426 "secretName": "A String", # Name of the secret in the container's namespace to use. 25427 }, 25428 }, 25429 ], 25430 }, 25431 }, 25432 }, 25433 }, 25434 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 25435 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 25436 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 25437 "a_key": "A String", 25438 }, 25439 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 25440 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 25441 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 25442 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 25443 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 25444 "A String", 25445 ], 25446 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 25447 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 25448 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 25449 "a_key": "A String", 25450 }, 25451 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 25452 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 25453 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 25454 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 25455 "apiVersion": "A String", # API version of the referent. 25456 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 25457 "controller": True or False, # If true, this reference points to the managing controller. +optional 25458 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 25459 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 25460 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 25461 }, 25462 ], 25463 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 25464 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 25465 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 25466 }, 25467 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 25468 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 25469 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 25470 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25471 "A String", 25472 ], 25473 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25474 "A String", 25475 ], 25476 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 25477 { # EnvVar represents an environment variable present in a Container. 25478 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 25479 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 25480 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 25481 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 25482 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 25483 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25484 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25485 }, 25486 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 25487 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 25488 }, 25489 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 25490 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 25491 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25492 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25493 }, 25494 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 25495 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 25496 }, 25497 }, 25498 }, 25499 ], 25500 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 25501 { # EnvFromSource represents the source of a set of ConfigMaps 25502 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 25503 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25504 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25505 }, 25506 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 25507 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 25508 }, 25509 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 25510 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 25511 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25512 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25513 }, 25514 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 25515 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 25516 }, 25517 }, 25518 ], 25519 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 25520 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 25521 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 25522 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25523 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25524 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25525 "A String", 25526 ], 25527 }, 25528 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25529 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25530 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25531 { # HTTPHeader describes a custom header to be used in HTTP probes 25532 "name": "A String", # The header field name 25533 "value": "A String", # The header field value 25534 }, 25535 ], 25536 "path": "A String", # Path to access on the HTTP server. +optional 25537 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25538 "intVal": 42, # The int value. 25539 "strVal": "A String", # The string value. 25540 "type": 42, # The type of the value. 25541 }, 25542 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25543 }, 25544 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25545 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25546 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25547 "intVal": 42, # The int value. 25548 "strVal": "A String", # The string value. 25549 "type": 42, # The type of the value. 25550 }, 25551 }, 25552 }, 25553 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25554 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25555 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25556 "A String", 25557 ], 25558 }, 25559 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25560 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25561 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25562 { # HTTPHeader describes a custom header to be used in HTTP probes 25563 "name": "A String", # The header field name 25564 "value": "A String", # The header field value 25565 }, 25566 ], 25567 "path": "A String", # Path to access on the HTTP server. +optional 25568 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25569 "intVal": 42, # The int value. 25570 "strVal": "A String", # The string value. 25571 "type": 42, # The type of the value. 25572 }, 25573 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25574 }, 25575 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25576 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25577 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25578 "intVal": 42, # The int value. 25579 "strVal": "A String", # The string value. 25580 "type": 42, # The type of the value. 25581 }, 25582 }, 25583 }, 25584 }, 25585 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25586 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25587 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25588 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25589 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25590 "A String", 25591 ], 25592 }, 25593 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25594 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25595 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25596 { # HTTPHeader describes a custom header to be used in HTTP probes 25597 "name": "A String", # The header field name 25598 "value": "A String", # The header field value 25599 }, 25600 ], 25601 "path": "A String", # Path to access on the HTTP server. +optional 25602 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25603 "intVal": 42, # The int value. 25604 "strVal": "A String", # The string value. 25605 "type": 42, # The type of the value. 25606 }, 25607 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25608 }, 25609 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25610 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25611 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25612 "intVal": 42, # The int value. 25613 "strVal": "A String", # The string value. 25614 "type": 42, # The type of the value. 25615 }, 25616 }, 25617 }, 25618 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25619 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25620 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25621 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25622 }, 25623 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25624 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25625 { # ContainerPort represents a network port in a single container. 25626 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25627 "hostIP": "A String", # What host IP to bind the external port to. +optional 25628 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25629 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25630 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25631 }, 25632 ], 25633 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25634 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25635 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25636 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25637 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25638 "A String", 25639 ], 25640 }, 25641 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25642 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25643 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25644 { # HTTPHeader describes a custom header to be used in HTTP probes 25645 "name": "A String", # The header field name 25646 "value": "A String", # The header field value 25647 }, 25648 ], 25649 "path": "A String", # Path to access on the HTTP server. +optional 25650 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25651 "intVal": 42, # The int value. 25652 "strVal": "A String", # The string value. 25653 "type": 42, # The type of the value. 25654 }, 25655 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25656 }, 25657 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25658 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25659 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25660 "intVal": 42, # The int value. 25661 "strVal": "A String", # The string value. 25662 "type": 42, # The type of the value. 25663 }, 25664 }, 25665 }, 25666 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25667 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25668 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25669 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25670 }, 25671 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25672 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25673 "a_key": "A String", 25674 }, 25675 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25676 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25677 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25678 }, 25679 }, 25680 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25681 "a_key": "A String", 25682 }, 25683 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 25684 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25685 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25686 }, 25687 }, 25688 }, 25689 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 25690 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 25691 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 25692 "add": [ # Added capabilities +optional 25693 "A String", 25694 ], 25695 "drop": [ # Removed capabilities +optional 25696 "A String", 25697 ], 25698 }, 25699 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 25700 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 25701 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25702 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25703 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25704 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25705 "level": "A String", # Level is SELinux level label that applies to the container. +optional 25706 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 25707 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 25708 "user": "A String", # User is a SELinux user label that applies to the container. +optional 25709 }, 25710 }, 25711 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 25712 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 25713 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 25714 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 25715 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 25716 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 25717 { # volumeDevice describes a mapping of a raw block device within a container. 25718 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 25719 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 25720 }, 25721 ], 25722 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 25723 { # VolumeMount describes a mounting of a Volume within a container. 25724 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 25725 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 25726 "name": "A String", # This must match the Name of a Volume. 25727 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 25728 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 25729 }, 25730 ], 25731 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 25732 }, 25733 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 25734 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 25735 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 25736 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25737 "A String", 25738 ], 25739 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25740 "A String", 25741 ], 25742 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 25743 { # EnvVar represents an environment variable present in a Container. 25744 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 25745 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 25746 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 25747 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 25748 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 25749 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25750 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25751 }, 25752 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 25753 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 25754 }, 25755 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 25756 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 25757 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25758 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25759 }, 25760 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 25761 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 25762 }, 25763 }, 25764 }, 25765 ], 25766 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 25767 { # EnvFromSource represents the source of a set of ConfigMaps 25768 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 25769 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25770 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25771 }, 25772 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 25773 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 25774 }, 25775 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 25776 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 25777 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25778 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25779 }, 25780 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 25781 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 25782 }, 25783 }, 25784 ], 25785 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 25786 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 25787 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 25788 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25789 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25790 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25791 "A String", 25792 ], 25793 }, 25794 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25795 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25796 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25797 { # HTTPHeader describes a custom header to be used in HTTP probes 25798 "name": "A String", # The header field name 25799 "value": "A String", # The header field value 25800 }, 25801 ], 25802 "path": "A String", # Path to access on the HTTP server. +optional 25803 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25804 "intVal": 42, # The int value. 25805 "strVal": "A String", # The string value. 25806 "type": 42, # The type of the value. 25807 }, 25808 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25809 }, 25810 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25811 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25812 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25813 "intVal": 42, # The int value. 25814 "strVal": "A String", # The string value. 25815 "type": 42, # The type of the value. 25816 }, 25817 }, 25818 }, 25819 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25820 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25821 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25822 "A String", 25823 ], 25824 }, 25825 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25826 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25827 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25828 { # HTTPHeader describes a custom header to be used in HTTP probes 25829 "name": "A String", # The header field name 25830 "value": "A String", # The header field value 25831 }, 25832 ], 25833 "path": "A String", # Path to access on the HTTP server. +optional 25834 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25835 "intVal": 42, # The int value. 25836 "strVal": "A String", # The string value. 25837 "type": 42, # The type of the value. 25838 }, 25839 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25840 }, 25841 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25842 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25843 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25844 "intVal": 42, # The int value. 25845 "strVal": "A String", # The string value. 25846 "type": 42, # The type of the value. 25847 }, 25848 }, 25849 }, 25850 }, 25851 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25852 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25853 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25854 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25855 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25856 "A String", 25857 ], 25858 }, 25859 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25860 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25861 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25862 { # HTTPHeader describes a custom header to be used in HTTP probes 25863 "name": "A String", # The header field name 25864 "value": "A String", # The header field value 25865 }, 25866 ], 25867 "path": "A String", # Path to access on the HTTP server. +optional 25868 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25869 "intVal": 42, # The int value. 25870 "strVal": "A String", # The string value. 25871 "type": 42, # The type of the value. 25872 }, 25873 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25874 }, 25875 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25876 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25877 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25878 "intVal": 42, # The int value. 25879 "strVal": "A String", # The string value. 25880 "type": 42, # The type of the value. 25881 }, 25882 }, 25883 }, 25884 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25885 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25886 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25887 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25888 }, 25889 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25890 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25891 { # ContainerPort represents a network port in a single container. 25892 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25893 "hostIP": "A String", # What host IP to bind the external port to. +optional 25894 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25895 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25896 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25897 }, 25898 ], 25899 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25900 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25901 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25902 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25903 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25904 "A String", 25905 ], 25906 }, 25907 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25908 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25909 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25910 { # HTTPHeader describes a custom header to be used in HTTP probes 25911 "name": "A String", # The header field name 25912 "value": "A String", # The header field value 25913 }, 25914 ], 25915 "path": "A String", # Path to access on the HTTP server. +optional 25916 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25917 "intVal": 42, # The int value. 25918 "strVal": "A String", # The string value. 25919 "type": 42, # The type of the value. 25920 }, 25921 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25922 }, 25923 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25924 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25925 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25926 "intVal": 42, # The int value. 25927 "strVal": "A String", # The string value. 25928 "type": 42, # The type of the value. 25929 }, 25930 }, 25931 }, 25932 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25933 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25934 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25935 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25936 }, 25937 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25938 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25939 "a_key": "A String", 25940 }, 25941 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25942 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25943 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25944 }, 25945 }, 25946 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25947 "a_key": "A String", 25948 }, 25949 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 25950 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25951 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25952 }, 25953 }, 25954 }, 25955 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 25956 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 25957 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 25958 "add": [ # Added capabilities +optional 25959 "A String", 25960 ], 25961 "drop": [ # Removed capabilities +optional 25962 "A String", 25963 ], 25964 }, 25965 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 25966 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 25967 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25968 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25969 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25970 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25971 "level": "A String", # Level is SELinux level label that applies to the container. +optional 25972 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 25973 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 25974 "user": "A String", # User is a SELinux user label that applies to the container. +optional 25975 }, 25976 }, 25977 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 25978 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 25979 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 25980 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 25981 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 25982 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 25983 { # volumeDevice describes a mapping of a raw block device within a container. 25984 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 25985 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 25986 }, 25987 ], 25988 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 25989 { # VolumeMount describes a mounting of a Volume within a container. 25990 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 25991 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 25992 "name": "A String", # This must match the Name of a Volume. 25993 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 25994 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 25995 }, 25996 ], 25997 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 25998 }, 25999 ], 26000 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 26001 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 26002 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 26003 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 26004 "volumes": [ 26005 { # Volume represents a named volume in a container. 26006 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 26007 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 26008 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 26009 { # Maps a string key to a path within a volume. 26010 "key": "A String", # The key to project. 26011 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 26012 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 26013 }, 26014 ], 26015 "name": "A String", # Name of the config. 26016 "optional": True or False, # Specify whether the Secret or its keys must be defined. 26017 }, 26018 "name": "A String", # Volume's name. 26019 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 26020 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 26021 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 26022 { # Maps a string key to a path within a volume. 26023 "key": "A String", # The key to project. 26024 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 26025 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 26026 }, 26027 ], 26028 "optional": True or False, # Specify whether the Secret or its keys must be defined. 26029 "secretName": "A String", # Name of the secret in the container's namespace to use. 26030 }, 26031 }, 26032 ], 26033 }, 26034 }, 26035 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 26036 { # TrafficTarget holds a single entry of the routing table for a Route. 26037 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 26038 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 26039 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 26040 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 26041 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 26042 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 26043 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 26044 }, 26045 ], 26046 }, 26047 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 26048 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 26049 "hostname": "A String", # Deprecated - use url instead. 26050 "url": "A String", 26051 }, 26052 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 26053 { # ServiceCondition defines a readiness condition for a Service. 26054 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 26055 "message": "A String", # Human-readable message indicating details about last transition. +optional 26056 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 26057 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 26058 "status": "A String", # Status of the condition, one of True, False, Unknown. 26059 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 26060 }, 26061 ], 26062 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 26063 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 26064 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 26065 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 26066 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 26067 { # TrafficTarget holds a single entry of the routing table for a Route. 26068 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 26069 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 26070 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 26071 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 26072 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 26073 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 26074 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 26075 }, 26076 ], 26077 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 26078 }, 26079}</pre> 26080</div> 26081 26082</body></html>