diff --git a/python/proto/osconfig/alpha/os_policy_assignment.proto b/python/proto/osconfig/alpha/os_policy_assignment.proto index 50feab40fa..e06d1e6cd1 100755 --- a/python/proto/osconfig/alpha/os_policy_assignment.proto +++ b/python/proto/osconfig/alpha/os_policy_assignment.proto @@ -92,6 +92,7 @@ message OsconfigAlphaOSPolicyAssignment { string uid = 13; string project = 14; string location = 15; + bool skip_await_rollout = 16; } message OsconfigAlphaOSPolicyAssignmentOSPolicies { diff --git a/python/proto/osconfig/beta/os_policy_assignment.proto b/python/proto/osconfig/beta/os_policy_assignment.proto index eec5345881..42770313a8 100755 --- a/python/proto/osconfig/beta/os_policy_assignment.proto +++ b/python/proto/osconfig/beta/os_policy_assignment.proto @@ -92,6 +92,7 @@ message OsconfigBetaOSPolicyAssignment { string uid = 13; string project = 14; string location = 15; + bool skip_await_rollout = 16; } message OsconfigBetaOSPolicyAssignmentOSPolicies { diff --git a/python/proto/osconfig/os_policy_assignment.proto b/python/proto/osconfig/os_policy_assignment.proto index 51443e09f4..ef942f78f1 100755 --- a/python/proto/osconfig/os_policy_assignment.proto +++ b/python/proto/osconfig/os_policy_assignment.proto @@ -92,6 +92,7 @@ message OsconfigOSPolicyAssignment { string uid = 13; string project = 14; string location = 15; + bool skip_await_rollout = 16; } message OsconfigOSPolicyAssignmentOSPolicies { diff --git a/python/services/osconfig/alpha/os_policy_assignment.py b/python/services/osconfig/alpha/os_policy_assignment.py index e5b6ba4023..9965e9f6db 100755 --- a/python/services/osconfig/alpha/os_policy_assignment.py +++ b/python/services/osconfig/alpha/os_policy_assignment.py @@ -40,6 +40,7 @@ def __init__( uid: str = None, project: str = None, location: str = None, + skip_await_rollout: bool = None, service_account_file: str = "", ): @@ -51,6 +52,7 @@ def __init__( self.rollout = rollout self.project = project self.location = location + self.skip_await_rollout = skip_await_rollout self.service_account_file = service_account_file def apply(self): @@ -86,6 +88,11 @@ def apply(self): if Primitive.to_proto(self.location): request.resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + request.resource.skip_await_rollout = Primitive.to_proto( + self.skip_await_rollout + ) + request.service_account_file = self.service_account_file response = stub.ApplyOsconfigAlphaOSPolicyAssignment(request) @@ -110,6 +117,7 @@ def apply(self): self.uid = Primitive.from_proto(response.uid) self.project = Primitive.from_proto(response.project) self.location = Primitive.from_proto(response.location) + self.skip_await_rollout = Primitive.from_proto(response.skip_await_rollout) def delete(self): stub = os_policy_assignment_pb2_grpc.OsconfigAlphaOSPolicyAssignmentServiceStub( @@ -147,6 +155,11 @@ def delete(self): if Primitive.to_proto(self.location): request.resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + request.resource.skip_await_rollout = Primitive.to_proto( + self.skip_await_rollout + ) + response = stub.DeleteOsconfigAlphaOSPolicyAssignment(request) @classmethod @@ -186,6 +199,8 @@ def to_proto(self): resource.project = Primitive.to_proto(self.project) if Primitive.to_proto(self.location): resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + resource.skip_await_rollout = Primitive.to_proto(self.skip_await_rollout) return resource diff --git a/python/services/osconfig/alpha/os_policy_assignment_server.go b/python/services/osconfig/alpha/os_policy_assignment_server.go index 4dd99187e8..71ae7fb771 100755 --- a/python/services/osconfig/alpha/os_policy_assignment_server.go +++ b/python/services/osconfig/alpha/os_policy_assignment_server.go @@ -728,6 +728,7 @@ func ProtoToOSPolicyAssignment(p *alphapb.OsconfigAlphaOSPolicyAssignment) *alph Uid: dcl.StringOrNil(p.GetUid()), Project: dcl.StringOrNil(p.GetProject()), Location: dcl.StringOrNil(p.GetLocation()), + SkipAwaitRollout: dcl.Bool(p.GetSkipAwaitRollout()), } for _, r := range p.GetOsPolicies() { obj.OSPolicies = append(obj.OSPolicies, *ProtoToOsconfigAlphaOSPolicyAssignmentOSPolicies(r)) @@ -1424,6 +1425,7 @@ func OSPolicyAssignmentToProto(resource *alpha.OSPolicyAssignment) *alphapb.Osco p.SetUid(dcl.ValueOrEmptyString(resource.Uid)) p.SetProject(dcl.ValueOrEmptyString(resource.Project)) p.SetLocation(dcl.ValueOrEmptyString(resource.Location)) + p.SetSkipAwaitRollout(dcl.ValueOrEmptyBool(resource.SkipAwaitRollout)) sOSPolicies := make([]*alphapb.OsconfigAlphaOSPolicyAssignmentOSPolicies, len(resource.OSPolicies)) for i, r := range resource.OSPolicies { sOSPolicies[i] = OsconfigAlphaOSPolicyAssignmentOSPoliciesToProto(&r) diff --git a/python/services/osconfig/beta/os_policy_assignment.py b/python/services/osconfig/beta/os_policy_assignment.py index f40952541c..a92e113ea4 100755 --- a/python/services/osconfig/beta/os_policy_assignment.py +++ b/python/services/osconfig/beta/os_policy_assignment.py @@ -40,6 +40,7 @@ def __init__( uid: str = None, project: str = None, location: str = None, + skip_await_rollout: bool = None, service_account_file: str = "", ): @@ -51,6 +52,7 @@ def __init__( self.rollout = rollout self.project = project self.location = location + self.skip_await_rollout = skip_await_rollout self.service_account_file = service_account_file def apply(self): @@ -86,6 +88,11 @@ def apply(self): if Primitive.to_proto(self.location): request.resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + request.resource.skip_await_rollout = Primitive.to_proto( + self.skip_await_rollout + ) + request.service_account_file = self.service_account_file response = stub.ApplyOsconfigBetaOSPolicyAssignment(request) @@ -110,6 +117,7 @@ def apply(self): self.uid = Primitive.from_proto(response.uid) self.project = Primitive.from_proto(response.project) self.location = Primitive.from_proto(response.location) + self.skip_await_rollout = Primitive.from_proto(response.skip_await_rollout) def delete(self): stub = os_policy_assignment_pb2_grpc.OsconfigBetaOSPolicyAssignmentServiceStub( @@ -145,6 +153,11 @@ def delete(self): if Primitive.to_proto(self.location): request.resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + request.resource.skip_await_rollout = Primitive.to_proto( + self.skip_await_rollout + ) + response = stub.DeleteOsconfigBetaOSPolicyAssignment(request) @classmethod @@ -184,6 +197,8 @@ def to_proto(self): resource.project = Primitive.to_proto(self.project) if Primitive.to_proto(self.location): resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + resource.skip_await_rollout = Primitive.to_proto(self.skip_await_rollout) return resource diff --git a/python/services/osconfig/beta/os_policy_assignment_server.go b/python/services/osconfig/beta/os_policy_assignment_server.go index ab875482dd..da3907ebe2 100755 --- a/python/services/osconfig/beta/os_policy_assignment_server.go +++ b/python/services/osconfig/beta/os_policy_assignment_server.go @@ -728,6 +728,7 @@ func ProtoToOSPolicyAssignment(p *betapb.OsconfigBetaOSPolicyAssignment) *beta.O Uid: dcl.StringOrNil(p.GetUid()), Project: dcl.StringOrNil(p.GetProject()), Location: dcl.StringOrNil(p.GetLocation()), + SkipAwaitRollout: dcl.Bool(p.GetSkipAwaitRollout()), } for _, r := range p.GetOsPolicies() { obj.OSPolicies = append(obj.OSPolicies, *ProtoToOsconfigBetaOSPolicyAssignmentOSPolicies(r)) @@ -1424,6 +1425,7 @@ func OSPolicyAssignmentToProto(resource *beta.OSPolicyAssignment) *betapb.Osconf p.SetUid(dcl.ValueOrEmptyString(resource.Uid)) p.SetProject(dcl.ValueOrEmptyString(resource.Project)) p.SetLocation(dcl.ValueOrEmptyString(resource.Location)) + p.SetSkipAwaitRollout(dcl.ValueOrEmptyBool(resource.SkipAwaitRollout)) sOSPolicies := make([]*betapb.OsconfigBetaOSPolicyAssignmentOSPolicies, len(resource.OSPolicies)) for i, r := range resource.OSPolicies { sOSPolicies[i] = OsconfigBetaOSPolicyAssignmentOSPoliciesToProto(&r) diff --git a/python/services/osconfig/os_policy_assignment.py b/python/services/osconfig/os_policy_assignment.py index ab64be365d..4c5ee279b0 100755 --- a/python/services/osconfig/os_policy_assignment.py +++ b/python/services/osconfig/os_policy_assignment.py @@ -40,6 +40,7 @@ def __init__( uid: str = None, project: str = None, location: str = None, + skip_await_rollout: bool = None, service_account_file: str = "", ): @@ -51,6 +52,7 @@ def __init__( self.rollout = rollout self.project = project self.location = location + self.skip_await_rollout = skip_await_rollout self.service_account_file = service_account_file def apply(self): @@ -86,6 +88,11 @@ def apply(self): if Primitive.to_proto(self.location): request.resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + request.resource.skip_await_rollout = Primitive.to_proto( + self.skip_await_rollout + ) + request.service_account_file = self.service_account_file response = stub.ApplyOsconfigOSPolicyAssignment(request) @@ -110,6 +117,7 @@ def apply(self): self.uid = Primitive.from_proto(response.uid) self.project = Primitive.from_proto(response.project) self.location = Primitive.from_proto(response.location) + self.skip_await_rollout = Primitive.from_proto(response.skip_await_rollout) def delete(self): stub = os_policy_assignment_pb2_grpc.OsconfigOSPolicyAssignmentServiceStub( @@ -145,6 +153,11 @@ def delete(self): if Primitive.to_proto(self.location): request.resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + request.resource.skip_await_rollout = Primitive.to_proto( + self.skip_await_rollout + ) + response = stub.DeleteOsconfigOSPolicyAssignment(request) @classmethod @@ -184,6 +197,8 @@ def to_proto(self): resource.project = Primitive.to_proto(self.project) if Primitive.to_proto(self.location): resource.location = Primitive.to_proto(self.location) + if Primitive.to_proto(self.skip_await_rollout): + resource.skip_await_rollout = Primitive.to_proto(self.skip_await_rollout) return resource diff --git a/python/services/osconfig/os_policy_assignment_server.go b/python/services/osconfig/os_policy_assignment_server.go index 6dd19fe480..4df14469fb 100755 --- a/python/services/osconfig/os_policy_assignment_server.go +++ b/python/services/osconfig/os_policy_assignment_server.go @@ -728,6 +728,7 @@ func ProtoToOSPolicyAssignment(p *osconfigpb.OsconfigOSPolicyAssignment) *osconf Uid: dcl.StringOrNil(p.GetUid()), Project: dcl.StringOrNil(p.GetProject()), Location: dcl.StringOrNil(p.GetLocation()), + SkipAwaitRollout: dcl.Bool(p.GetSkipAwaitRollout()), } for _, r := range p.GetOsPolicies() { obj.OSPolicies = append(obj.OSPolicies, *ProtoToOsconfigOSPolicyAssignmentOSPolicies(r)) @@ -1424,6 +1425,7 @@ func OSPolicyAssignmentToProto(resource *osconfig.OSPolicyAssignment) *osconfigp p.SetUid(dcl.ValueOrEmptyString(resource.Uid)) p.SetProject(dcl.ValueOrEmptyString(resource.Project)) p.SetLocation(dcl.ValueOrEmptyString(resource.Location)) + p.SetSkipAwaitRollout(dcl.ValueOrEmptyBool(resource.SkipAwaitRollout)) sOSPolicies := make([]*osconfigpb.OsconfigOSPolicyAssignmentOSPolicies, len(resource.OSPolicies)) for i, r := range resource.OSPolicies { sOSPolicies[i] = OsconfigOSPolicyAssignmentOSPoliciesToProto(&r) diff --git a/services/google/osconfig/alpha/os_policy_assignment.go b/services/google/osconfig/alpha/os_policy_assignment.go index 6175d34c52..cf3b16cff5 100755 --- a/services/google/osconfig/alpha/os_policy_assignment.go +++ b/services/google/osconfig/alpha/os_policy_assignment.go @@ -40,6 +40,7 @@ type OSPolicyAssignment struct { Uid *string `json:"uid"` Project *string `json:"project"` Location *string `json:"location"` + SkipAwaitRollout *bool `json:"skipAwaitRollout"` } func (r *OSPolicyAssignment) String() string { @@ -2603,6 +2604,7 @@ func (r *OSPolicyAssignment) ID() (string, error) { "uid": dcl.ValueOrEmptyString(nr.Uid), "project": dcl.ValueOrEmptyString(nr.Project), "location": dcl.ValueOrEmptyString(nr.Location), + "skip_await_rollout": dcl.ValueOrEmptyString(nr.SkipAwaitRollout), } return dcl.Nprintf("projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}", params), nil } diff --git a/services/google/osconfig/alpha/os_policy_assignment.yaml b/services/google/osconfig/alpha/os_policy_assignment.yaml index cad8f2e01f..4b9dbbd39c 100755 --- a/services/google/osconfig/alpha/os_policy_assignment.yaml +++ b/services/google/osconfig/alpha/os_policy_assignment.yaml @@ -65,6 +65,7 @@ components: OSPolicyAssignment: title: OSPolicyAssignment x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}} + x-dcl-uses-state-hint: true x-dcl-parent-container: project x-dcl-has-create: true x-dcl-has-iam: false @@ -1337,6 +1338,12 @@ components: - CANCELLING - CANCELLED - SUCCEEDED + skipAwaitRollout: + type: boolean + x-dcl-go-name: SkipAwaitRollout + description: Set to true to skip awaiting rollout during resource creation + and update. + x-dcl-mutable-unreadable: true uid: type: string x-dcl-go-name: Uid diff --git a/services/google/osconfig/alpha/os_policy_assignment_alpha_yaml_embed.go b/services/google/osconfig/alpha/os_policy_assignment_alpha_yaml_embed.go index cd738909df..8b84f8c1f6 100755 --- a/services/google/osconfig/alpha/os_policy_assignment_alpha_yaml_embed.go +++ b/services/google/osconfig/alpha/os_policy_assignment_alpha_yaml_embed.go @@ -17,7 +17,7 @@ package alpha // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/osconfig/alpha/os_policy_assignment.yaml -var YAML_os_policy_assignment = []byte("info:\n title: OSConfig/OSPolicyAssignment\n description: Represents an OSPolicyAssignment resource.\n x-dcl-struct-name: OSPolicyAssignment\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API documentation\n url: https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments\npaths:\n get:\n description: The function used to get information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n apply:\n description: The function used to apply information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n delete:\n description: The function used to delete a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n deleteAll:\n description: The function used to delete all OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n OSPolicyAssignment:\n title: OSPolicyAssignment\n x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - osPolicies\n - instanceFilter\n - rollout\n - project\n - location\n properties:\n baseline:\n type: boolean\n x-dcl-go-name: Baseline\n readOnly: true\n description: Output only. Indicates that this revision has been successfully\n rolled out in this zone and new VMs will be assigned OS policies from\n this revision. For a given OS policy assignment, there is only one revision\n with a value of `true` for this field.\n x-kubernetes-immutable: true\n deleted:\n type: boolean\n x-dcl-go-name: Deleted\n readOnly: true\n description: Output only. Indicates that this revision deletes the OS policy\n assignment.\n x-kubernetes-immutable: true\n description:\n type: string\n x-dcl-go-name: Description\n description: OS policy assignment description. Length of the description\n is limited to 1024 characters.\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: The etag for this OS policy assignment. If this is provided\n on update, it must match the server's etag.\n x-kubernetes-immutable: true\n instanceFilter:\n type: object\n x-dcl-go-name: InstanceFilter\n x-dcl-go-type: OSPolicyAssignmentInstanceFilter\n description: Required. Filter to select VMs.\n properties:\n all:\n type: boolean\n x-dcl-go-name: All\n description: Target all VMs in the project. If true, no other criteria\n is permitted.\n x-dcl-send-empty: true\n exclusionLabels:\n type: array\n x-dcl-go-name: ExclusionLabels\n description: List of label sets used for VM exclusion. If the list has\n more than one label set, the VM is excluded if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterExclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inclusionLabels:\n type: array\n x-dcl-go-name: InclusionLabels\n description: List of label sets used for VM inclusion. If the list has\n more than one `LabelSet`, the VM is included if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inventories:\n type: array\n x-dcl-go-name: Inventories\n description: List of inventories to select VMs. A VM is selected if\n its inventory data matches at least one of the following inventories.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInventories\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported if asterisk(*)\n is provided as the last character. For example, to match all\n versions with a major version of `7`, specify the following\n value for this field `7.*` An empty string matches all OS versions.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Resource name.\n x-kubernetes-immutable: true\n osPolicies:\n type: array\n x-dcl-go-name: OSPolicies\n description: Required. List of OS policies to be applied to the VMs.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPolicies\n required:\n - id\n - mode\n - resourceGroups\n properties:\n allowNoResourceGroupMatch:\n type: boolean\n x-dcl-go-name: AllowNoResourceGroupMatch\n description: This flag determines the OS policy compliance status\n when none of the resource groups within the policy are applicable\n for a VM. Set this value to `true` if the policy needs to be reported\n as compliant even if the policy has nothing to validate or enforce.\n description:\n type: string\n x-dcl-go-name: Description\n description: Policy description. Length of the description is limited\n to 1024 characters.\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the OS policy with the following\n restrictions: * Must contain only lowercase letters, numbers, and\n hyphens. * Must start with a letter. * Must be between 1-63 characters.\n * Must end with a number or a letter. * Must be unique within the\n assignment.'\n mode:\n type: string\n x-dcl-go-name: Mode\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesModeEnum\n description: 'Required. Policy mode Possible values: MODE_UNSPECIFIED,\n VALIDATION, ENFORCEMENT'\n enum:\n - MODE_UNSPECIFIED\n - VALIDATION\n - ENFORCEMENT\n resourceGroups:\n type: array\n x-dcl-go-name: ResourceGroups\n description: Required. List of resource groups for the policy. For\n a particular VM, resource groups are evaluated in the order specified\n and the first resource group that is applicable is selected and\n the rest are ignored. If none of the resource groups are applicable\n for a VM, the VM is considered to be non-compliant w.r.t this policy.\n This behavior can be toggled by the flag `allow_no_resource_group_match`\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroups\n required:\n - resources\n properties:\n inventoryFilters:\n type: array\n x-dcl-go-name: InventoryFilters\n description: 'List of inventory filters for the resource group.\n The resources in this resource group are applied to the target\n VM if it satisfies at least one of the following inventory\n filters. For example, to apply this resource group to VMs\n running either `RHEL` or `CentOS` operating systems, specify\n 2 items for the list with following values: inventory_filters[0].os_short_name=''rhel''\n and inventory_filters[1].os_short_name=''centos'' If the list\n is empty, this resource group will be applied to the target\n VM unconditionally.'\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsInventoryFilters\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported\n if asterisk(*) is provided as the last character. For\n example, to match all versions with a major version\n of `7`, specify the following value for this field `7.*`\n An empty string matches all OS versions.\n resources:\n type: array\n x-dcl-go-name: Resources\n description: Required. List of resources configured for this\n resource group. The resources are executed in the exact order\n specified here.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResources\n required:\n - id\n properties:\n exec:\n type: object\n x-dcl-go-name: Exec\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec\n description: Exec resource\n x-dcl-conflicts:\n - pkg\n - repository\n - file\n required:\n - validate\n properties:\n enforce:\n type: object\n x-dcl-go-name: Enforce\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce\n description: What to run to bring this resource into\n the desired state. An exit code of 100 indicates\n \"success\", any other exit code indicates a failure\n running enforce.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n validate:\n type: object\n x-dcl-go-name: Validate\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate\n description: Required. What to run to validate this\n resource is in the desired state. An exit code of\n 100 indicates \"in desired state\", and exit code\n of 101 indicates \"not in desired state\". Any other\n exit code indicates a failure running validate.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile\n description: File resource\n x-dcl-conflicts:\n - pkg\n - repository\n - exec\n required:\n - path\n - state\n properties:\n content:\n type: string\n x-dcl-go-name: Content\n description: A a file with this content. The size\n of the content is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile\n description: A remote or local source.\n x-dcl-conflicts:\n - content\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false, files\n are subject to validations based on the file\n type: Remote: A checksum must be specified.\n Cloud Storage: An object generation number must\n be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the Cloud\n Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud Storage\n object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which to fetch\n the object. It should contain both the protocol\n and path following the format `{protocol}://{location}`.\n path:\n type: string\n x-dcl-go-name: Path\n description: Required. The absolute path of the file\n within the VM.\n permissions:\n type: string\n x-dcl-go-name: Permissions\n readOnly: true\n description: 'Consists of three octal digits which\n represent, in order, the permissions of the owner,\n group, and other users for the file (similarly to\n the numeric mode used in the linux chmod utility).\n Each digit represents a three bit number with the\n 4 bit corresponding to the read permissions, the\n 2 bit corresponds to the write bit, and the one\n bit corresponds to the execute permission. Default\n behavior is 755. Below are some examples of permissions\n and their associated values: read, write, and execute:\n 7 read and execute: 5 read and write: 6 read only:\n 4'\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnum\n description: 'Required. Desired state of the file.\n Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED,\n COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE'\n enum:\n - OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED\n - COMPLIANT\n - NON_COMPLIANT\n - UNKNOWN\n - NO_OS_POLICIES_APPLICABLE\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the resource with the\n following restrictions: * Must contain only lowercase\n letters, numbers, and hyphens. * Must start with a letter.\n * Must be between 1-63 characters. * Must end with a\n number or a letter. * Must be unique within the OS policy.'\n pkg:\n type: object\n x-dcl-go-name: Pkg\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg\n description: Package resource\n x-dcl-conflicts:\n - repository\n - exec\n - file\n required:\n - desiredState\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt\n description: A package managed by Apt.\n x-dcl-conflicts:\n - deb\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n deb:\n type: object\n x-dcl-go-name: Deb\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb\n description: A deb package file.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `dpkg -i\n package` - install when true: `apt-get update\n && apt-get -y install package.deb`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource\n description: Required. A deb package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n desiredState:\n type: string\n x-dcl-go-name: DesiredState\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnum\n description: 'Required. The desired state the agent\n should maintain for this package. Possible values:\n DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED'\n enum:\n - DESIRED_STATE_UNSPECIFIED\n - INSTALLED\n - REMOVED\n googet:\n type: object\n x-dcl-go-name: Googet\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget\n description: A package managed by GooGet.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n msi:\n type: object\n x-dcl-go-name: Msi\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi\n description: An MSI package.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - googet\n required:\n - source\n properties:\n properties:\n type: array\n x-dcl-go-name: Properties\n description: Additional properties to use during\n installation. This should be in the format of\n Property=Setting. Appended to the defaults of\n `ACTION=INSTALL REBOOT=ReallySuppress`.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource\n description: Required. The MSI package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n rpm:\n type: object\n x-dcl-go-name: Rpm\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm\n description: An rpm package file.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `rpm --upgrade\n --replacepkgs package.rpm` - install when true:\n `yum -y install package.rpm` or `zypper -y install\n package.rpm`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource\n description: Required. An rpm package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum\n description: A package managed by YUM.\n x-dcl-conflicts:\n - apt\n - deb\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper\n description: A package managed by Zypper.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n repository:\n type: object\n x-dcl-go-name: Repository\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository\n description: Package repository resource\n x-dcl-conflicts:\n - pkg\n - exec\n - file\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryApt\n description: An Apt Repository.\n x-dcl-conflicts:\n - yum\n - zypper\n - goo\n required:\n - archiveType\n - uri\n - distribution\n - components\n properties:\n archiveType:\n type: string\n x-dcl-go-name: ArchiveType\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptArchiveTypeEnum\n description: 'Required. Type of archive files\n in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED,\n DEB, DEB_SRC'\n enum:\n - ARCHIVE_TYPE_UNSPECIFIED\n - DEB\n - DEB_SRC\n components:\n type: array\n x-dcl-go-name: Components\n description: Required. List of components for\n this repository. Must contain at least one item.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n distribution:\n type: string\n x-dcl-go-name: Distribution\n description: Required. Distribution of this repository.\n gpgKey:\n type: string\n x-dcl-go-name: GpgKey\n description: URI of the key file for this repository.\n The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI for this repository.\n goo:\n type: object\n x-dcl-go-name: Goo\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGoo\n description: A Goo Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n required:\n - name\n - url\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. The name of the repository.\n url:\n type: string\n x-dcl-go-name: Url\n description: Required. The url of the repository.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYum\n description: A Yum Repository.\n x-dcl-conflicts:\n - apt\n - zypper\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the yum config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for resource conflicts.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypper\n description: A Zypper Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the zypper config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for GuestPolicy conflicts.\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: 'Output only. Indicates that reconciliation is in progress\n for the revision. This value is `true` when the `rollout_state` is one\n of: * IN_PROGRESS * CANCELLING'\n x-kubernetes-immutable: true\n revisionCreateTime:\n type: string\n format: date-time\n x-dcl-go-name: RevisionCreateTime\n readOnly: true\n description: Output only. The timestamp that the revision was created.\n x-kubernetes-immutable: true\n revisionId:\n type: string\n x-dcl-go-name: RevisionId\n readOnly: true\n description: Output only. The assignment revision ID A new revision is committed\n whenever a rollout is triggered for a OS policy assignment\n x-kubernetes-immutable: true\n rollout:\n type: object\n x-dcl-go-name: Rollout\n x-dcl-go-type: OSPolicyAssignmentRollout\n description: 'Required. Rollout to deploy the OS policy assignment. A rollout\n is triggered in the following situations: 1) OSPolicyAssignment is created.\n 2) OSPolicyAssignment is updated and the update contains changes to one\n of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment\n is deleted.'\n required:\n - disruptionBudget\n - minWaitDuration\n properties:\n disruptionBudget:\n type: object\n x-dcl-go-name: DisruptionBudget\n x-dcl-go-type: OSPolicyAssignmentRolloutDisruptionBudget\n description: Required. The maximum number (or percentage) of VMs per\n zone to disrupt at any given moment.\n properties:\n fixed:\n type: integer\n format: int64\n x-dcl-go-name: Fixed\n description: Specifies a fixed value.\n x-dcl-conflicts:\n - percent\n percent:\n type: integer\n format: int64\n x-dcl-go-name: Percent\n description: Specifies the relative value defined as a percentage,\n which will be multiplied by a reference value.\n x-dcl-conflicts:\n - fixed\n minWaitDuration:\n type: string\n x-dcl-go-name: MinWaitDuration\n description: Required. This determines the minimum duration of time\n to wait after the configuration changes are applied through the current\n rollout. A VM continues to count towards the `disruption_budget` at\n least until this duration of time has passed after configuration changes\n are applied.\n rolloutState:\n type: string\n x-dcl-go-name: RolloutState\n x-dcl-go-type: OSPolicyAssignmentRolloutStateEnum\n readOnly: true\n description: 'Output only. OS policy assignment rollout state Possible values:\n ROLLOUT_STATE_UNSPECIFIED, IN_PROGRESS, CANCELLING, CANCELLED, SUCCEEDED'\n x-kubernetes-immutable: true\n enum:\n - ROLLOUT_STATE_UNSPECIFIED\n - IN_PROGRESS\n - CANCELLING\n - CANCELLED\n - SUCCEEDED\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. Server generated unique id for the OS policy assignment\n resource.\n x-kubernetes-immutable: true\n") +var YAML_os_policy_assignment = []byte("info:\n title: OSConfig/OSPolicyAssignment\n description: Represents an OSPolicyAssignment resource.\n x-dcl-struct-name: OSPolicyAssignment\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API documentation\n url: https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments\npaths:\n get:\n description: The function used to get information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n apply:\n description: The function used to apply information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n delete:\n description: The function used to delete a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n deleteAll:\n description: The function used to delete all OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n OSPolicyAssignment:\n title: OSPolicyAssignment\n x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - osPolicies\n - instanceFilter\n - rollout\n - project\n - location\n properties:\n baseline:\n type: boolean\n x-dcl-go-name: Baseline\n readOnly: true\n description: Output only. Indicates that this revision has been successfully\n rolled out in this zone and new VMs will be assigned OS policies from\n this revision. For a given OS policy assignment, there is only one revision\n with a value of `true` for this field.\n x-kubernetes-immutable: true\n deleted:\n type: boolean\n x-dcl-go-name: Deleted\n readOnly: true\n description: Output only. Indicates that this revision deletes the OS policy\n assignment.\n x-kubernetes-immutable: true\n description:\n type: string\n x-dcl-go-name: Description\n description: OS policy assignment description. Length of the description\n is limited to 1024 characters.\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: The etag for this OS policy assignment. If this is provided\n on update, it must match the server's etag.\n x-kubernetes-immutable: true\n instanceFilter:\n type: object\n x-dcl-go-name: InstanceFilter\n x-dcl-go-type: OSPolicyAssignmentInstanceFilter\n description: Required. Filter to select VMs.\n properties:\n all:\n type: boolean\n x-dcl-go-name: All\n description: Target all VMs in the project. If true, no other criteria\n is permitted.\n x-dcl-send-empty: true\n exclusionLabels:\n type: array\n x-dcl-go-name: ExclusionLabels\n description: List of label sets used for VM exclusion. If the list has\n more than one label set, the VM is excluded if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterExclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inclusionLabels:\n type: array\n x-dcl-go-name: InclusionLabels\n description: List of label sets used for VM inclusion. If the list has\n more than one `LabelSet`, the VM is included if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inventories:\n type: array\n x-dcl-go-name: Inventories\n description: List of inventories to select VMs. A VM is selected if\n its inventory data matches at least one of the following inventories.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInventories\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported if asterisk(*)\n is provided as the last character. For example, to match all\n versions with a major version of `7`, specify the following\n value for this field `7.*` An empty string matches all OS versions.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Resource name.\n x-kubernetes-immutable: true\n osPolicies:\n type: array\n x-dcl-go-name: OSPolicies\n description: Required. List of OS policies to be applied to the VMs.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPolicies\n required:\n - id\n - mode\n - resourceGroups\n properties:\n allowNoResourceGroupMatch:\n type: boolean\n x-dcl-go-name: AllowNoResourceGroupMatch\n description: This flag determines the OS policy compliance status\n when none of the resource groups within the policy are applicable\n for a VM. Set this value to `true` if the policy needs to be reported\n as compliant even if the policy has nothing to validate or enforce.\n description:\n type: string\n x-dcl-go-name: Description\n description: Policy description. Length of the description is limited\n to 1024 characters.\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the OS policy with the following\n restrictions: * Must contain only lowercase letters, numbers, and\n hyphens. * Must start with a letter. * Must be between 1-63 characters.\n * Must end with a number or a letter. * Must be unique within the\n assignment.'\n mode:\n type: string\n x-dcl-go-name: Mode\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesModeEnum\n description: 'Required. Policy mode Possible values: MODE_UNSPECIFIED,\n VALIDATION, ENFORCEMENT'\n enum:\n - MODE_UNSPECIFIED\n - VALIDATION\n - ENFORCEMENT\n resourceGroups:\n type: array\n x-dcl-go-name: ResourceGroups\n description: Required. List of resource groups for the policy. For\n a particular VM, resource groups are evaluated in the order specified\n and the first resource group that is applicable is selected and\n the rest are ignored. If none of the resource groups are applicable\n for a VM, the VM is considered to be non-compliant w.r.t this policy.\n This behavior can be toggled by the flag `allow_no_resource_group_match`\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroups\n required:\n - resources\n properties:\n inventoryFilters:\n type: array\n x-dcl-go-name: InventoryFilters\n description: 'List of inventory filters for the resource group.\n The resources in this resource group are applied to the target\n VM if it satisfies at least one of the following inventory\n filters. For example, to apply this resource group to VMs\n running either `RHEL` or `CentOS` operating systems, specify\n 2 items for the list with following values: inventory_filters[0].os_short_name=''rhel''\n and inventory_filters[1].os_short_name=''centos'' If the list\n is empty, this resource group will be applied to the target\n VM unconditionally.'\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsInventoryFilters\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported\n if asterisk(*) is provided as the last character. For\n example, to match all versions with a major version\n of `7`, specify the following value for this field `7.*`\n An empty string matches all OS versions.\n resources:\n type: array\n x-dcl-go-name: Resources\n description: Required. List of resources configured for this\n resource group. The resources are executed in the exact order\n specified here.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResources\n required:\n - id\n properties:\n exec:\n type: object\n x-dcl-go-name: Exec\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec\n description: Exec resource\n x-dcl-conflicts:\n - pkg\n - repository\n - file\n required:\n - validate\n properties:\n enforce:\n type: object\n x-dcl-go-name: Enforce\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce\n description: What to run to bring this resource into\n the desired state. An exit code of 100 indicates\n \"success\", any other exit code indicates a failure\n running enforce.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n validate:\n type: object\n x-dcl-go-name: Validate\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate\n description: Required. What to run to validate this\n resource is in the desired state. An exit code of\n 100 indicates \"in desired state\", and exit code\n of 101 indicates \"not in desired state\". Any other\n exit code indicates a failure running validate.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile\n description: File resource\n x-dcl-conflicts:\n - pkg\n - repository\n - exec\n required:\n - path\n - state\n properties:\n content:\n type: string\n x-dcl-go-name: Content\n description: A a file with this content. The size\n of the content is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile\n description: A remote or local source.\n x-dcl-conflicts:\n - content\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false, files\n are subject to validations based on the file\n type: Remote: A checksum must be specified.\n Cloud Storage: An object generation number must\n be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the Cloud\n Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud Storage\n object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which to fetch\n the object. It should contain both the protocol\n and path following the format `{protocol}://{location}`.\n path:\n type: string\n x-dcl-go-name: Path\n description: Required. The absolute path of the file\n within the VM.\n permissions:\n type: string\n x-dcl-go-name: Permissions\n readOnly: true\n description: 'Consists of three octal digits which\n represent, in order, the permissions of the owner,\n group, and other users for the file (similarly to\n the numeric mode used in the linux chmod utility).\n Each digit represents a three bit number with the\n 4 bit corresponding to the read permissions, the\n 2 bit corresponds to the write bit, and the one\n bit corresponds to the execute permission. Default\n behavior is 755. Below are some examples of permissions\n and their associated values: read, write, and execute:\n 7 read and execute: 5 read and write: 6 read only:\n 4'\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnum\n description: 'Required. Desired state of the file.\n Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED,\n COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE'\n enum:\n - OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED\n - COMPLIANT\n - NON_COMPLIANT\n - UNKNOWN\n - NO_OS_POLICIES_APPLICABLE\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the resource with the\n following restrictions: * Must contain only lowercase\n letters, numbers, and hyphens. * Must start with a letter.\n * Must be between 1-63 characters. * Must end with a\n number or a letter. * Must be unique within the OS policy.'\n pkg:\n type: object\n x-dcl-go-name: Pkg\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg\n description: Package resource\n x-dcl-conflicts:\n - repository\n - exec\n - file\n required:\n - desiredState\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt\n description: A package managed by Apt.\n x-dcl-conflicts:\n - deb\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n deb:\n type: object\n x-dcl-go-name: Deb\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb\n description: A deb package file.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `dpkg -i\n package` - install when true: `apt-get update\n && apt-get -y install package.deb`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource\n description: Required. A deb package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n desiredState:\n type: string\n x-dcl-go-name: DesiredState\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnum\n description: 'Required. The desired state the agent\n should maintain for this package. Possible values:\n DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED'\n enum:\n - DESIRED_STATE_UNSPECIFIED\n - INSTALLED\n - REMOVED\n googet:\n type: object\n x-dcl-go-name: Googet\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget\n description: A package managed by GooGet.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n msi:\n type: object\n x-dcl-go-name: Msi\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi\n description: An MSI package.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - googet\n required:\n - source\n properties:\n properties:\n type: array\n x-dcl-go-name: Properties\n description: Additional properties to use during\n installation. This should be in the format of\n Property=Setting. Appended to the defaults of\n `ACTION=INSTALL REBOOT=ReallySuppress`.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource\n description: Required. The MSI package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n rpm:\n type: object\n x-dcl-go-name: Rpm\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm\n description: An rpm package file.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `rpm --upgrade\n --replacepkgs package.rpm` - install when true:\n `yum -y install package.rpm` or `zypper -y install\n package.rpm`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource\n description: Required. An rpm package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum\n description: A package managed by YUM.\n x-dcl-conflicts:\n - apt\n - deb\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper\n description: A package managed by Zypper.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n repository:\n type: object\n x-dcl-go-name: Repository\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository\n description: Package repository resource\n x-dcl-conflicts:\n - pkg\n - exec\n - file\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryApt\n description: An Apt Repository.\n x-dcl-conflicts:\n - yum\n - zypper\n - goo\n required:\n - archiveType\n - uri\n - distribution\n - components\n properties:\n archiveType:\n type: string\n x-dcl-go-name: ArchiveType\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptArchiveTypeEnum\n description: 'Required. Type of archive files\n in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED,\n DEB, DEB_SRC'\n enum:\n - ARCHIVE_TYPE_UNSPECIFIED\n - DEB\n - DEB_SRC\n components:\n type: array\n x-dcl-go-name: Components\n description: Required. List of components for\n this repository. Must contain at least one item.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n distribution:\n type: string\n x-dcl-go-name: Distribution\n description: Required. Distribution of this repository.\n gpgKey:\n type: string\n x-dcl-go-name: GpgKey\n description: URI of the key file for this repository.\n The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI for this repository.\n goo:\n type: object\n x-dcl-go-name: Goo\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGoo\n description: A Goo Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n required:\n - name\n - url\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. The name of the repository.\n url:\n type: string\n x-dcl-go-name: Url\n description: Required. The url of the repository.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYum\n description: A Yum Repository.\n x-dcl-conflicts:\n - apt\n - zypper\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the yum config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for resource conflicts.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypper\n description: A Zypper Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the zypper config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for GuestPolicy conflicts.\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: 'Output only. Indicates that reconciliation is in progress\n for the revision. This value is `true` when the `rollout_state` is one\n of: * IN_PROGRESS * CANCELLING'\n x-kubernetes-immutable: true\n revisionCreateTime:\n type: string\n format: date-time\n x-dcl-go-name: RevisionCreateTime\n readOnly: true\n description: Output only. The timestamp that the revision was created.\n x-kubernetes-immutable: true\n revisionId:\n type: string\n x-dcl-go-name: RevisionId\n readOnly: true\n description: Output only. The assignment revision ID A new revision is committed\n whenever a rollout is triggered for a OS policy assignment\n x-kubernetes-immutable: true\n rollout:\n type: object\n x-dcl-go-name: Rollout\n x-dcl-go-type: OSPolicyAssignmentRollout\n description: 'Required. Rollout to deploy the OS policy assignment. A rollout\n is triggered in the following situations: 1) OSPolicyAssignment is created.\n 2) OSPolicyAssignment is updated and the update contains changes to one\n of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment\n is deleted.'\n required:\n - disruptionBudget\n - minWaitDuration\n properties:\n disruptionBudget:\n type: object\n x-dcl-go-name: DisruptionBudget\n x-dcl-go-type: OSPolicyAssignmentRolloutDisruptionBudget\n description: Required. The maximum number (or percentage) of VMs per\n zone to disrupt at any given moment.\n properties:\n fixed:\n type: integer\n format: int64\n x-dcl-go-name: Fixed\n description: Specifies a fixed value.\n x-dcl-conflicts:\n - percent\n percent:\n type: integer\n format: int64\n x-dcl-go-name: Percent\n description: Specifies the relative value defined as a percentage,\n which will be multiplied by a reference value.\n x-dcl-conflicts:\n - fixed\n minWaitDuration:\n type: string\n x-dcl-go-name: MinWaitDuration\n description: Required. This determines the minimum duration of time\n to wait after the configuration changes are applied through the current\n rollout. A VM continues to count towards the `disruption_budget` at\n least until this duration of time has passed after configuration changes\n are applied.\n rolloutState:\n type: string\n x-dcl-go-name: RolloutState\n x-dcl-go-type: OSPolicyAssignmentRolloutStateEnum\n readOnly: true\n description: 'Output only. OS policy assignment rollout state Possible values:\n ROLLOUT_STATE_UNSPECIFIED, IN_PROGRESS, CANCELLING, CANCELLED, SUCCEEDED'\n x-kubernetes-immutable: true\n enum:\n - ROLLOUT_STATE_UNSPECIFIED\n - IN_PROGRESS\n - CANCELLING\n - CANCELLED\n - SUCCEEDED\n skipAwaitRollout:\n type: boolean\n x-dcl-go-name: SkipAwaitRollout\n description: Set to true to skip awaiting rollout during resource creation\n and update.\n x-dcl-mutable-unreadable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. Server generated unique id for the OS policy assignment\n resource.\n x-kubernetes-immutable: true\n") -// 73077 bytes -// MD5: 2e21685d807af0ec126ba8fd39ba7684 +// 73353 bytes +// MD5: fb683ef5ed536f19f669a17a052fb49d diff --git a/services/google/osconfig/alpha/os_policy_assignment_internal.go b/services/google/osconfig/alpha/os_policy_assignment_internal.go index bb15be1cad..35ce39cbc2 100755 --- a/services/google/osconfig/alpha/os_policy_assignment_internal.go +++ b/services/google/osconfig/alpha/os_policy_assignment_internal.go @@ -22,7 +22,6 @@ import ( "strings" "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" - "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl/operations" ) func (r *OSPolicyAssignment) validate() error { @@ -639,22 +638,8 @@ func newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx context.Cont } else if !dcl.IsEmptyValueIndirect(v) { req["rollout"] = v } - b, err := c.getOSPolicyAssignmentRaw(ctx, f) - if err != nil { - return nil, err - } - var m map[string]interface{} - if err := json.Unmarshal(b, &m); err != nil { - return nil, err - } - rawEtag, err := dcl.GetMapEntry( - m, - []string{"etag"}, - ) - if err != nil { - c.Config.Logger.WarningWithContextf(ctx, "Failed to fetch from JSON Path: %v", err) - } else { - req["etag"] = rawEtag.(string) + if v := f.SkipAwaitRollout; !dcl.IsEmptyValueIndirect(v) { + req["skipAwaitRollout"] = v } return req, nil } @@ -663,6 +648,11 @@ func newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx context.Cont // the final JSON request body. func marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c *Client, m map[string]interface{}) ([]byte, error) { + dcl.MoveMapEntry( + m, + []string{"skipAwaitRollout"}, + []string{}, + ) return json.Marshal(m) } @@ -678,50 +668,6 @@ type updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation struct { // do will transcribe a subset of the resource into a request object and send a // PUT request to a single URL. -func (op *updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - _, err := c.GetOSPolicyAssignment(ctx, r) - if err != nil { - return err - } - - u, err := r.updateURL(c.Config.BasePath, "UpdateOSPolicyAssignment") - if err != nil { - return err - } - mask := dcl.TopLevelUpdateMask(op.FieldDiffs) - u, err = dcl.AddQueryParams(u, map[string]string{"updateMask": mask}) - if err != nil { - return err - } - - req, err := newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx, r, c) - if err != nil { - return err - } - - c.Config.Logger.InfoWithContextf(ctx, "Created update: %#v", req) - body, err := marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c, req) - if err != nil { - return err - } - resp, err := dcl.SendRequest(ctx, c.Config, "PATCH", u, bytes.NewBuffer(body), c.Config.RetryProvider) - if err != nil { - return err - } - - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - err = o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET") - - if err != nil { - return err - } - - return nil -} - func (c *Client) listOSPolicyAssignmentRaw(ctx context.Context, r *OSPolicyAssignment, pageToken string, pageSize int32) ([]byte, error) { u, err := r.urlNormalized().listURL(c.Config.BasePath) if err != nil { @@ -799,59 +745,6 @@ func (c *Client) deleteAllOSPolicyAssignment(ctx context.Context, f func(*OSPoli type deleteOSPolicyAssignmentOperation struct{} -func (op *deleteOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - r, err := c.GetOSPolicyAssignment(ctx, r) - if err != nil { - if dcl.IsNotFound(err) { - c.Config.Logger.InfoWithContextf(ctx, "OSPolicyAssignment not found, returning. Original error: %v", err) - return nil - } - c.Config.Logger.WarningWithContextf(ctx, "GetOSPolicyAssignment checking for existence. error: %v", err) - return err - } - - err = r.waitForNotReconciling(ctx, c) - if err != nil { - return err - } - u, err := r.deleteURL(c.Config.BasePath) - if err != nil { - return err - } - - // Delete should never have a body - body := &bytes.Buffer{} - resp, err := dcl.SendRequest(ctx, c.Config, "DELETE", u, body, c.Config.RetryProvider) - if err != nil { - return err - } - - // wait for object to be deleted. - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { - return err - } - - // We saw a race condition where for some successful delete operation, the Get calls returned resources for a short duration. - // This is the reason we are adding retry to handle that case. - retriesRemaining := 10 - dcl.Do(ctx, func(ctx context.Context) (*dcl.RetryDetails, error) { - _, err := c.GetOSPolicyAssignment(ctx, r) - if dcl.IsNotFound(err) { - return nil, nil - } - if retriesRemaining > 0 { - retriesRemaining-- - return &dcl.RetryDetails{}, dcl.OperationNotDone{} - } - return nil, dcl.NotDeletedError{ExistingResource: r} - }, c.Config.RetryProvider) - return nil -} - // Create operations are similar to Update operations, although they do not have // specific request objects. The Create request object is the json encoding of // the resource, which is modified by res.marshal to form the base request body. @@ -863,41 +756,6 @@ func (op *createOSPolicyAssignmentOperation) FirstResponse() (map[string]interfa return op.response, len(op.response) > 0 } -func (op *createOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - c.Config.Logger.InfoWithContextf(ctx, "Attempting to create %v", r) - u, err := r.createURL(c.Config.BasePath) - if err != nil { - return err - } - - req, err := r.marshal(c) - if err != nil { - return err - } - resp, err := dcl.SendRequest(ctx, c.Config, "POST", u, bytes.NewBuffer(req), c.Config.RetryProvider) - if err != nil { - return err - } - // wait for object to be created. - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { - c.Config.Logger.Warningf("Creation failed after waiting for operation: %v", err) - return err - } - c.Config.Logger.InfoWithContextf(ctx, "Successfully waited for operation") - op.response, _ = o.FirstResponse() - - if _, err := c.GetOSPolicyAssignment(ctx, r); err != nil { - c.Config.Logger.WarningWithContextf(ctx, "get returned error: %v", err) - return err - } - - return nil -} - func (c *Client) getOSPolicyAssignmentRaw(ctx context.Context, r *OSPolicyAssignment) ([]byte, error) { u, err := r.getURL(c.Config.BasePath) @@ -1017,6 +875,11 @@ func canonicalizeOSPolicyAssignmentDesiredState(rawDesired, rawInitial *OSPolicy } else { canonicalDesired.Location = rawDesired.Location } + if dcl.BoolCanonicalize(rawDesired.SkipAwaitRollout, rawInitial.SkipAwaitRollout) { + canonicalDesired.SkipAwaitRollout = rawInitial.SkipAwaitRollout + } else { + canonicalDesired.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } return canonicalDesired, nil } @@ -1119,6 +982,12 @@ func canonicalizeOSPolicyAssignmentNewState(c *Client, rawNew, rawDesired *OSPol rawNew.Location = rawDesired.Location + if dcl.IsEmptyValueIndirect(rawNew.SkipAwaitRollout) && dcl.IsEmptyValueIndirect(rawDesired.SkipAwaitRollout) { + rawNew.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } else { + rawNew.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } + return rawNew, nil } @@ -7250,6 +7119,13 @@ func diffOSPolicyAssignment(c *Client, desired, actual *OSPolicyAssignment, opts newDiffs = append(newDiffs, ds...) } + if ds, err := dcl.Diff(desired.SkipAwaitRollout, actual.SkipAwaitRollout, dcl.DiffInfo{OperationSelector: dcl.TriggersOperation("updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation")}, fn.AddNest("SkipAwaitRollout")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + newDiffs = append(newDiffs, ds...) + } + return newDiffs, nil } func compareOSPolicyAssignmentOSPoliciesNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { @@ -9218,6 +9094,11 @@ func (r *OSPolicyAssignment) marshal(c *Client) ([]byte, error) { if err != nil { return nil, fmt.Errorf("error marshalling OSPolicyAssignment: %w", err) } + dcl.MoveMapEntry( + m, + []string{"skipAwaitRollout"}, + []string{}, + ) return json.Marshal(m) } @@ -9278,6 +9159,9 @@ func expandOSPolicyAssignment(c *Client, f *OSPolicyAssignment) (map[string]inte } else if !dcl.IsEmptyValueIndirect(v) { m["location"] = v } + if v := f.SkipAwaitRollout; dcl.ValueShouldBeSent(v) { + m["skipAwaitRollout"] = v + } return m, nil } @@ -9309,6 +9193,7 @@ func flattenOSPolicyAssignment(c *Client, i interface{}, res *OSPolicyAssignment resultRes.Uid = dcl.FlattenString(m["uid"]) resultRes.Project = dcl.FlattenString(m["project"]) resultRes.Location = dcl.FlattenString(m["location"]) + resultRes.SkipAwaitRollout = dcl.FlattenBool(m["skipAwaitRollout"]) return resultRes } diff --git a/services/google/osconfig/alpha/os_policy_assignment_schema.go b/services/google/osconfig/alpha/os_policy_assignment_schema.go index 7445b41674..d67fc74b2e 100755 --- a/services/google/osconfig/alpha/os_policy_assignment_schema.go +++ b/services/google/osconfig/alpha/os_policy_assignment_schema.go @@ -103,6 +103,7 @@ func DCLOSPolicyAssignmentSchema() *dcl.Schema { "OSPolicyAssignment": &dcl.Component{ Title: "OSPolicyAssignment", ID: "projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}", + UsesStateHint: true, ParentContainer: "project", HasCreate: true, SchemaProperty: dcl.Property{ @@ -1461,6 +1462,12 @@ func DCLOSPolicyAssignmentSchema() *dcl.Schema { "SUCCEEDED", }, }, + "skipAwaitRollout": &dcl.Property{ + Type: "boolean", + GoName: "SkipAwaitRollout", + Description: "Set to true to skip awaiting rollout during resource creation and update.", + Unreadable: true, + }, "uid": &dcl.Property{ Type: "string", GoName: "Uid", diff --git a/services/google/osconfig/alpha/osconfig_ga_utils.go b/services/google/osconfig/alpha/osconfig_ga_utils.go index b0734395f5..2001b34037 100755 --- a/services/google/osconfig/alpha/osconfig_ga_utils.go +++ b/services/google/osconfig/alpha/osconfig_ga_utils.go @@ -15,10 +15,12 @@ package alpha import ( + "bytes" "context" "time" "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" + "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl/operations" ) // Returns true if m and n represent the same floating point value of seconds. @@ -55,3 +57,141 @@ func (r *OSPolicyAssignment) waitForNotReconciling(ctx context.Context, client * return nil, nil }, client.Config.RetryProvider) } + +func (op *createOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + c.Config.Logger.InfoWithContextf(ctx, "Attempting to create %v", r) + u, err := r.createURL(c.Config.BasePath) + if err != nil { + return err + } + + req, err := r.marshal(c) + if err != nil { + return err + } + resp, err := dcl.SendRequest(ctx, c.Config, "POST", u, bytes.NewBuffer(req), c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + // wait for object to be created. + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { + c.Config.Logger.Warningf("Creation failed after waiting for operation: %v", err) + return err + } + c.Config.Logger.InfoWithContextf(ctx, "Successfully waited for operation") + op.response, _ = o.FirstResponse() + } + + if _, err := c.GetOSPolicyAssignment(ctx, r); err != nil { + c.Config.Logger.WarningWithContextf(ctx, "get returned error: %v", err) + return err + } + + return nil +} + +func (op *updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + _, err := c.GetOSPolicyAssignment(ctx, r) + if err != nil { + return err + } + + u, err := r.updateURL(c.Config.BasePath, "UpdateOSPolicyAssignment") + if err != nil { + return err + } + mask := dcl.TopLevelUpdateMask(op.FieldDiffs) + u, err = dcl.AddQueryParams(u, map[string]string{"updateMask": mask}) + if err != nil { + return err + } + + req, err := newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx, r, c) + if err != nil { + return err + } + + c.Config.Logger.InfoWithContextf(ctx, "Created update: %#v", req) + body, err := marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c, req) + if err != nil { + return err + } + resp, err := dcl.SendRequest(ctx, c.Config, "PATCH", u, bytes.NewBuffer(body), c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + err = o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET") + + if err != nil { + return err + } + } + + return nil +} + +func (op *deleteOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + r, err := c.GetOSPolicyAssignment(ctx, r) + if err != nil { + if dcl.IsNotFound(err) { + c.Config.Logger.InfoWithContextf(ctx, "OSPolicyAssignment not found, returning. Original error: %v", err) + return nil + } + c.Config.Logger.WarningWithContextf(ctx, "GetOSPolicyAssignment checking for existence. error: %v", err) + return err + } + err = r.waitForNotReconciling(ctx, c) + if err != nil { + return err + } + u, err := r.deleteURL(c.Config.BasePath) + if err != nil { + return err + } + + // Delete should never have a body + body := &bytes.Buffer{} + resp, err := dcl.SendRequest(ctx, c.Config, "DELETE", u, body, c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + // wait for object to be deleted. + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { + return err + } + } + + // We saw a race condition where for some successful delete operation, the Get calls returned resources for a short duration. + // This is the reason we are adding retry to handle that case. + retriesRemaining := 10 + dcl.Do(ctx, func(ctx context.Context) (*dcl.RetryDetails, error) { + _, err := c.GetOSPolicyAssignment(ctx, r) + if dcl.IsNotFound(err) { + return nil, nil + } + if retriesRemaining > 0 { + retriesRemaining-- + return &dcl.RetryDetails{}, dcl.OperationNotDone{} + } + return nil, dcl.NotDeletedError{ExistingResource: r} + }, c.Config.RetryProvider) + return nil +} diff --git a/services/google/osconfig/beta/os_policy_assignment.go b/services/google/osconfig/beta/os_policy_assignment.go index 9a9ce955a9..06a061daf1 100755 --- a/services/google/osconfig/beta/os_policy_assignment.go +++ b/services/google/osconfig/beta/os_policy_assignment.go @@ -40,6 +40,7 @@ type OSPolicyAssignment struct { Uid *string `json:"uid"` Project *string `json:"project"` Location *string `json:"location"` + SkipAwaitRollout *bool `json:"skipAwaitRollout"` } func (r *OSPolicyAssignment) String() string { @@ -2603,6 +2604,7 @@ func (r *OSPolicyAssignment) ID() (string, error) { "uid": dcl.ValueOrEmptyString(nr.Uid), "project": dcl.ValueOrEmptyString(nr.Project), "location": dcl.ValueOrEmptyString(nr.Location), + "skip_await_rollout": dcl.ValueOrEmptyString(nr.SkipAwaitRollout), } return dcl.Nprintf("projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}", params), nil } diff --git a/services/google/osconfig/beta/os_policy_assignment.yaml b/services/google/osconfig/beta/os_policy_assignment.yaml index cad8f2e01f..4b9dbbd39c 100755 --- a/services/google/osconfig/beta/os_policy_assignment.yaml +++ b/services/google/osconfig/beta/os_policy_assignment.yaml @@ -65,6 +65,7 @@ components: OSPolicyAssignment: title: OSPolicyAssignment x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}} + x-dcl-uses-state-hint: true x-dcl-parent-container: project x-dcl-has-create: true x-dcl-has-iam: false @@ -1337,6 +1338,12 @@ components: - CANCELLING - CANCELLED - SUCCEEDED + skipAwaitRollout: + type: boolean + x-dcl-go-name: SkipAwaitRollout + description: Set to true to skip awaiting rollout during resource creation + and update. + x-dcl-mutable-unreadable: true uid: type: string x-dcl-go-name: Uid diff --git a/services/google/osconfig/beta/os_policy_assignment_beta_yaml_embed.go b/services/google/osconfig/beta/os_policy_assignment_beta_yaml_embed.go index e565057c05..fca434441e 100755 --- a/services/google/osconfig/beta/os_policy_assignment_beta_yaml_embed.go +++ b/services/google/osconfig/beta/os_policy_assignment_beta_yaml_embed.go @@ -17,7 +17,7 @@ package beta // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/osconfig/beta/os_policy_assignment.yaml -var YAML_os_policy_assignment = []byte("info:\n title: OSConfig/OSPolicyAssignment\n description: Represents an OSPolicyAssignment resource.\n x-dcl-struct-name: OSPolicyAssignment\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API documentation\n url: https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments\npaths:\n get:\n description: The function used to get information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n apply:\n description: The function used to apply information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n delete:\n description: The function used to delete a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n deleteAll:\n description: The function used to delete all OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n OSPolicyAssignment:\n title: OSPolicyAssignment\n x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - osPolicies\n - instanceFilter\n - rollout\n - project\n - location\n properties:\n baseline:\n type: boolean\n x-dcl-go-name: Baseline\n readOnly: true\n description: Output only. Indicates that this revision has been successfully\n rolled out in this zone and new VMs will be assigned OS policies from\n this revision. For a given OS policy assignment, there is only one revision\n with a value of `true` for this field.\n x-kubernetes-immutable: true\n deleted:\n type: boolean\n x-dcl-go-name: Deleted\n readOnly: true\n description: Output only. Indicates that this revision deletes the OS policy\n assignment.\n x-kubernetes-immutable: true\n description:\n type: string\n x-dcl-go-name: Description\n description: OS policy assignment description. Length of the description\n is limited to 1024 characters.\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: The etag for this OS policy assignment. If this is provided\n on update, it must match the server's etag.\n x-kubernetes-immutable: true\n instanceFilter:\n type: object\n x-dcl-go-name: InstanceFilter\n x-dcl-go-type: OSPolicyAssignmentInstanceFilter\n description: Required. Filter to select VMs.\n properties:\n all:\n type: boolean\n x-dcl-go-name: All\n description: Target all VMs in the project. If true, no other criteria\n is permitted.\n x-dcl-send-empty: true\n exclusionLabels:\n type: array\n x-dcl-go-name: ExclusionLabels\n description: List of label sets used for VM exclusion. If the list has\n more than one label set, the VM is excluded if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterExclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inclusionLabels:\n type: array\n x-dcl-go-name: InclusionLabels\n description: List of label sets used for VM inclusion. If the list has\n more than one `LabelSet`, the VM is included if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inventories:\n type: array\n x-dcl-go-name: Inventories\n description: List of inventories to select VMs. A VM is selected if\n its inventory data matches at least one of the following inventories.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInventories\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported if asterisk(*)\n is provided as the last character. For example, to match all\n versions with a major version of `7`, specify the following\n value for this field `7.*` An empty string matches all OS versions.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Resource name.\n x-kubernetes-immutable: true\n osPolicies:\n type: array\n x-dcl-go-name: OSPolicies\n description: Required. List of OS policies to be applied to the VMs.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPolicies\n required:\n - id\n - mode\n - resourceGroups\n properties:\n allowNoResourceGroupMatch:\n type: boolean\n x-dcl-go-name: AllowNoResourceGroupMatch\n description: This flag determines the OS policy compliance status\n when none of the resource groups within the policy are applicable\n for a VM. Set this value to `true` if the policy needs to be reported\n as compliant even if the policy has nothing to validate or enforce.\n description:\n type: string\n x-dcl-go-name: Description\n description: Policy description. Length of the description is limited\n to 1024 characters.\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the OS policy with the following\n restrictions: * Must contain only lowercase letters, numbers, and\n hyphens. * Must start with a letter. * Must be between 1-63 characters.\n * Must end with a number or a letter. * Must be unique within the\n assignment.'\n mode:\n type: string\n x-dcl-go-name: Mode\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesModeEnum\n description: 'Required. Policy mode Possible values: MODE_UNSPECIFIED,\n VALIDATION, ENFORCEMENT'\n enum:\n - MODE_UNSPECIFIED\n - VALIDATION\n - ENFORCEMENT\n resourceGroups:\n type: array\n x-dcl-go-name: ResourceGroups\n description: Required. List of resource groups for the policy. For\n a particular VM, resource groups are evaluated in the order specified\n and the first resource group that is applicable is selected and\n the rest are ignored. If none of the resource groups are applicable\n for a VM, the VM is considered to be non-compliant w.r.t this policy.\n This behavior can be toggled by the flag `allow_no_resource_group_match`\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroups\n required:\n - resources\n properties:\n inventoryFilters:\n type: array\n x-dcl-go-name: InventoryFilters\n description: 'List of inventory filters for the resource group.\n The resources in this resource group are applied to the target\n VM if it satisfies at least one of the following inventory\n filters. For example, to apply this resource group to VMs\n running either `RHEL` or `CentOS` operating systems, specify\n 2 items for the list with following values: inventory_filters[0].os_short_name=''rhel''\n and inventory_filters[1].os_short_name=''centos'' If the list\n is empty, this resource group will be applied to the target\n VM unconditionally.'\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsInventoryFilters\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported\n if asterisk(*) is provided as the last character. For\n example, to match all versions with a major version\n of `7`, specify the following value for this field `7.*`\n An empty string matches all OS versions.\n resources:\n type: array\n x-dcl-go-name: Resources\n description: Required. List of resources configured for this\n resource group. The resources are executed in the exact order\n specified here.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResources\n required:\n - id\n properties:\n exec:\n type: object\n x-dcl-go-name: Exec\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec\n description: Exec resource\n x-dcl-conflicts:\n - pkg\n - repository\n - file\n required:\n - validate\n properties:\n enforce:\n type: object\n x-dcl-go-name: Enforce\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce\n description: What to run to bring this resource into\n the desired state. An exit code of 100 indicates\n \"success\", any other exit code indicates a failure\n running enforce.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n validate:\n type: object\n x-dcl-go-name: Validate\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate\n description: Required. What to run to validate this\n resource is in the desired state. An exit code of\n 100 indicates \"in desired state\", and exit code\n of 101 indicates \"not in desired state\". Any other\n exit code indicates a failure running validate.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile\n description: File resource\n x-dcl-conflicts:\n - pkg\n - repository\n - exec\n required:\n - path\n - state\n properties:\n content:\n type: string\n x-dcl-go-name: Content\n description: A a file with this content. The size\n of the content is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile\n description: A remote or local source.\n x-dcl-conflicts:\n - content\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false, files\n are subject to validations based on the file\n type: Remote: A checksum must be specified.\n Cloud Storage: An object generation number must\n be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the Cloud\n Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud Storage\n object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which to fetch\n the object. It should contain both the protocol\n and path following the format `{protocol}://{location}`.\n path:\n type: string\n x-dcl-go-name: Path\n description: Required. The absolute path of the file\n within the VM.\n permissions:\n type: string\n x-dcl-go-name: Permissions\n readOnly: true\n description: 'Consists of three octal digits which\n represent, in order, the permissions of the owner,\n group, and other users for the file (similarly to\n the numeric mode used in the linux chmod utility).\n Each digit represents a three bit number with the\n 4 bit corresponding to the read permissions, the\n 2 bit corresponds to the write bit, and the one\n bit corresponds to the execute permission. Default\n behavior is 755. Below are some examples of permissions\n and their associated values: read, write, and execute:\n 7 read and execute: 5 read and write: 6 read only:\n 4'\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnum\n description: 'Required. Desired state of the file.\n Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED,\n COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE'\n enum:\n - OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED\n - COMPLIANT\n - NON_COMPLIANT\n - UNKNOWN\n - NO_OS_POLICIES_APPLICABLE\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the resource with the\n following restrictions: * Must contain only lowercase\n letters, numbers, and hyphens. * Must start with a letter.\n * Must be between 1-63 characters. * Must end with a\n number or a letter. * Must be unique within the OS policy.'\n pkg:\n type: object\n x-dcl-go-name: Pkg\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg\n description: Package resource\n x-dcl-conflicts:\n - repository\n - exec\n - file\n required:\n - desiredState\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt\n description: A package managed by Apt.\n x-dcl-conflicts:\n - deb\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n deb:\n type: object\n x-dcl-go-name: Deb\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb\n description: A deb package file.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `dpkg -i\n package` - install when true: `apt-get update\n && apt-get -y install package.deb`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource\n description: Required. A deb package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n desiredState:\n type: string\n x-dcl-go-name: DesiredState\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnum\n description: 'Required. The desired state the agent\n should maintain for this package. Possible values:\n DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED'\n enum:\n - DESIRED_STATE_UNSPECIFIED\n - INSTALLED\n - REMOVED\n googet:\n type: object\n x-dcl-go-name: Googet\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget\n description: A package managed by GooGet.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n msi:\n type: object\n x-dcl-go-name: Msi\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi\n description: An MSI package.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - googet\n required:\n - source\n properties:\n properties:\n type: array\n x-dcl-go-name: Properties\n description: Additional properties to use during\n installation. This should be in the format of\n Property=Setting. Appended to the defaults of\n `ACTION=INSTALL REBOOT=ReallySuppress`.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource\n description: Required. The MSI package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n rpm:\n type: object\n x-dcl-go-name: Rpm\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm\n description: An rpm package file.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `rpm --upgrade\n --replacepkgs package.rpm` - install when true:\n `yum -y install package.rpm` or `zypper -y install\n package.rpm`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource\n description: Required. An rpm package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum\n description: A package managed by YUM.\n x-dcl-conflicts:\n - apt\n - deb\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper\n description: A package managed by Zypper.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n repository:\n type: object\n x-dcl-go-name: Repository\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository\n description: Package repository resource\n x-dcl-conflicts:\n - pkg\n - exec\n - file\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryApt\n description: An Apt Repository.\n x-dcl-conflicts:\n - yum\n - zypper\n - goo\n required:\n - archiveType\n - uri\n - distribution\n - components\n properties:\n archiveType:\n type: string\n x-dcl-go-name: ArchiveType\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptArchiveTypeEnum\n description: 'Required. Type of archive files\n in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED,\n DEB, DEB_SRC'\n enum:\n - ARCHIVE_TYPE_UNSPECIFIED\n - DEB\n - DEB_SRC\n components:\n type: array\n x-dcl-go-name: Components\n description: Required. List of components for\n this repository. Must contain at least one item.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n distribution:\n type: string\n x-dcl-go-name: Distribution\n description: Required. Distribution of this repository.\n gpgKey:\n type: string\n x-dcl-go-name: GpgKey\n description: URI of the key file for this repository.\n The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI for this repository.\n goo:\n type: object\n x-dcl-go-name: Goo\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGoo\n description: A Goo Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n required:\n - name\n - url\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. The name of the repository.\n url:\n type: string\n x-dcl-go-name: Url\n description: Required. The url of the repository.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYum\n description: A Yum Repository.\n x-dcl-conflicts:\n - apt\n - zypper\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the yum config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for resource conflicts.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypper\n description: A Zypper Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the zypper config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for GuestPolicy conflicts.\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: 'Output only. Indicates that reconciliation is in progress\n for the revision. This value is `true` when the `rollout_state` is one\n of: * IN_PROGRESS * CANCELLING'\n x-kubernetes-immutable: true\n revisionCreateTime:\n type: string\n format: date-time\n x-dcl-go-name: RevisionCreateTime\n readOnly: true\n description: Output only. The timestamp that the revision was created.\n x-kubernetes-immutable: true\n revisionId:\n type: string\n x-dcl-go-name: RevisionId\n readOnly: true\n description: Output only. The assignment revision ID A new revision is committed\n whenever a rollout is triggered for a OS policy assignment\n x-kubernetes-immutable: true\n rollout:\n type: object\n x-dcl-go-name: Rollout\n x-dcl-go-type: OSPolicyAssignmentRollout\n description: 'Required. Rollout to deploy the OS policy assignment. A rollout\n is triggered in the following situations: 1) OSPolicyAssignment is created.\n 2) OSPolicyAssignment is updated and the update contains changes to one\n of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment\n is deleted.'\n required:\n - disruptionBudget\n - minWaitDuration\n properties:\n disruptionBudget:\n type: object\n x-dcl-go-name: DisruptionBudget\n x-dcl-go-type: OSPolicyAssignmentRolloutDisruptionBudget\n description: Required. The maximum number (or percentage) of VMs per\n zone to disrupt at any given moment.\n properties:\n fixed:\n type: integer\n format: int64\n x-dcl-go-name: Fixed\n description: Specifies a fixed value.\n x-dcl-conflicts:\n - percent\n percent:\n type: integer\n format: int64\n x-dcl-go-name: Percent\n description: Specifies the relative value defined as a percentage,\n which will be multiplied by a reference value.\n x-dcl-conflicts:\n - fixed\n minWaitDuration:\n type: string\n x-dcl-go-name: MinWaitDuration\n description: Required. This determines the minimum duration of time\n to wait after the configuration changes are applied through the current\n rollout. A VM continues to count towards the `disruption_budget` at\n least until this duration of time has passed after configuration changes\n are applied.\n rolloutState:\n type: string\n x-dcl-go-name: RolloutState\n x-dcl-go-type: OSPolicyAssignmentRolloutStateEnum\n readOnly: true\n description: 'Output only. OS policy assignment rollout state Possible values:\n ROLLOUT_STATE_UNSPECIFIED, IN_PROGRESS, CANCELLING, CANCELLED, SUCCEEDED'\n x-kubernetes-immutable: true\n enum:\n - ROLLOUT_STATE_UNSPECIFIED\n - IN_PROGRESS\n - CANCELLING\n - CANCELLED\n - SUCCEEDED\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. Server generated unique id for the OS policy assignment\n resource.\n x-kubernetes-immutable: true\n") +var YAML_os_policy_assignment = []byte("info:\n title: OSConfig/OSPolicyAssignment\n description: Represents an OSPolicyAssignment resource.\n x-dcl-struct-name: OSPolicyAssignment\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API documentation\n url: https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments\npaths:\n get:\n description: The function used to get information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n apply:\n description: The function used to apply information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n delete:\n description: The function used to delete a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n deleteAll:\n description: The function used to delete all OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n OSPolicyAssignment:\n title: OSPolicyAssignment\n x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - osPolicies\n - instanceFilter\n - rollout\n - project\n - location\n properties:\n baseline:\n type: boolean\n x-dcl-go-name: Baseline\n readOnly: true\n description: Output only. Indicates that this revision has been successfully\n rolled out in this zone and new VMs will be assigned OS policies from\n this revision. For a given OS policy assignment, there is only one revision\n with a value of `true` for this field.\n x-kubernetes-immutable: true\n deleted:\n type: boolean\n x-dcl-go-name: Deleted\n readOnly: true\n description: Output only. Indicates that this revision deletes the OS policy\n assignment.\n x-kubernetes-immutable: true\n description:\n type: string\n x-dcl-go-name: Description\n description: OS policy assignment description. Length of the description\n is limited to 1024 characters.\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: The etag for this OS policy assignment. If this is provided\n on update, it must match the server's etag.\n x-kubernetes-immutable: true\n instanceFilter:\n type: object\n x-dcl-go-name: InstanceFilter\n x-dcl-go-type: OSPolicyAssignmentInstanceFilter\n description: Required. Filter to select VMs.\n properties:\n all:\n type: boolean\n x-dcl-go-name: All\n description: Target all VMs in the project. If true, no other criteria\n is permitted.\n x-dcl-send-empty: true\n exclusionLabels:\n type: array\n x-dcl-go-name: ExclusionLabels\n description: List of label sets used for VM exclusion. If the list has\n more than one label set, the VM is excluded if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterExclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inclusionLabels:\n type: array\n x-dcl-go-name: InclusionLabels\n description: List of label sets used for VM inclusion. If the list has\n more than one `LabelSet`, the VM is included if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inventories:\n type: array\n x-dcl-go-name: Inventories\n description: List of inventories to select VMs. A VM is selected if\n its inventory data matches at least one of the following inventories.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInventories\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported if asterisk(*)\n is provided as the last character. For example, to match all\n versions with a major version of `7`, specify the following\n value for this field `7.*` An empty string matches all OS versions.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Resource name.\n x-kubernetes-immutable: true\n osPolicies:\n type: array\n x-dcl-go-name: OSPolicies\n description: Required. List of OS policies to be applied to the VMs.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPolicies\n required:\n - id\n - mode\n - resourceGroups\n properties:\n allowNoResourceGroupMatch:\n type: boolean\n x-dcl-go-name: AllowNoResourceGroupMatch\n description: This flag determines the OS policy compliance status\n when none of the resource groups within the policy are applicable\n for a VM. Set this value to `true` if the policy needs to be reported\n as compliant even if the policy has nothing to validate or enforce.\n description:\n type: string\n x-dcl-go-name: Description\n description: Policy description. Length of the description is limited\n to 1024 characters.\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the OS policy with the following\n restrictions: * Must contain only lowercase letters, numbers, and\n hyphens. * Must start with a letter. * Must be between 1-63 characters.\n * Must end with a number or a letter. * Must be unique within the\n assignment.'\n mode:\n type: string\n x-dcl-go-name: Mode\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesModeEnum\n description: 'Required. Policy mode Possible values: MODE_UNSPECIFIED,\n VALIDATION, ENFORCEMENT'\n enum:\n - MODE_UNSPECIFIED\n - VALIDATION\n - ENFORCEMENT\n resourceGroups:\n type: array\n x-dcl-go-name: ResourceGroups\n description: Required. List of resource groups for the policy. For\n a particular VM, resource groups are evaluated in the order specified\n and the first resource group that is applicable is selected and\n the rest are ignored. If none of the resource groups are applicable\n for a VM, the VM is considered to be non-compliant w.r.t this policy.\n This behavior can be toggled by the flag `allow_no_resource_group_match`\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroups\n required:\n - resources\n properties:\n inventoryFilters:\n type: array\n x-dcl-go-name: InventoryFilters\n description: 'List of inventory filters for the resource group.\n The resources in this resource group are applied to the target\n VM if it satisfies at least one of the following inventory\n filters. For example, to apply this resource group to VMs\n running either `RHEL` or `CentOS` operating systems, specify\n 2 items for the list with following values: inventory_filters[0].os_short_name=''rhel''\n and inventory_filters[1].os_short_name=''centos'' If the list\n is empty, this resource group will be applied to the target\n VM unconditionally.'\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsInventoryFilters\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported\n if asterisk(*) is provided as the last character. For\n example, to match all versions with a major version\n of `7`, specify the following value for this field `7.*`\n An empty string matches all OS versions.\n resources:\n type: array\n x-dcl-go-name: Resources\n description: Required. List of resources configured for this\n resource group. The resources are executed in the exact order\n specified here.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResources\n required:\n - id\n properties:\n exec:\n type: object\n x-dcl-go-name: Exec\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec\n description: Exec resource\n x-dcl-conflicts:\n - pkg\n - repository\n - file\n required:\n - validate\n properties:\n enforce:\n type: object\n x-dcl-go-name: Enforce\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce\n description: What to run to bring this resource into\n the desired state. An exit code of 100 indicates\n \"success\", any other exit code indicates a failure\n running enforce.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n validate:\n type: object\n x-dcl-go-name: Validate\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate\n description: Required. What to run to validate this\n resource is in the desired state. An exit code of\n 100 indicates \"in desired state\", and exit code\n of 101 indicates \"not in desired state\". Any other\n exit code indicates a failure running validate.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile\n description: File resource\n x-dcl-conflicts:\n - pkg\n - repository\n - exec\n required:\n - path\n - state\n properties:\n content:\n type: string\n x-dcl-go-name: Content\n description: A a file with this content. The size\n of the content is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile\n description: A remote or local source.\n x-dcl-conflicts:\n - content\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false, files\n are subject to validations based on the file\n type: Remote: A checksum must be specified.\n Cloud Storage: An object generation number must\n be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the Cloud\n Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud Storage\n object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which to fetch\n the object. It should contain both the protocol\n and path following the format `{protocol}://{location}`.\n path:\n type: string\n x-dcl-go-name: Path\n description: Required. The absolute path of the file\n within the VM.\n permissions:\n type: string\n x-dcl-go-name: Permissions\n readOnly: true\n description: 'Consists of three octal digits which\n represent, in order, the permissions of the owner,\n group, and other users for the file (similarly to\n the numeric mode used in the linux chmod utility).\n Each digit represents a three bit number with the\n 4 bit corresponding to the read permissions, the\n 2 bit corresponds to the write bit, and the one\n bit corresponds to the execute permission. Default\n behavior is 755. Below are some examples of permissions\n and their associated values: read, write, and execute:\n 7 read and execute: 5 read and write: 6 read only:\n 4'\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnum\n description: 'Required. Desired state of the file.\n Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED,\n COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE'\n enum:\n - OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED\n - COMPLIANT\n - NON_COMPLIANT\n - UNKNOWN\n - NO_OS_POLICIES_APPLICABLE\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the resource with the\n following restrictions: * Must contain only lowercase\n letters, numbers, and hyphens. * Must start with a letter.\n * Must be between 1-63 characters. * Must end with a\n number or a letter. * Must be unique within the OS policy.'\n pkg:\n type: object\n x-dcl-go-name: Pkg\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg\n description: Package resource\n x-dcl-conflicts:\n - repository\n - exec\n - file\n required:\n - desiredState\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt\n description: A package managed by Apt.\n x-dcl-conflicts:\n - deb\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n deb:\n type: object\n x-dcl-go-name: Deb\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb\n description: A deb package file.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `dpkg -i\n package` - install when true: `apt-get update\n && apt-get -y install package.deb`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource\n description: Required. A deb package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n desiredState:\n type: string\n x-dcl-go-name: DesiredState\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnum\n description: 'Required. The desired state the agent\n should maintain for this package. Possible values:\n DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED'\n enum:\n - DESIRED_STATE_UNSPECIFIED\n - INSTALLED\n - REMOVED\n googet:\n type: object\n x-dcl-go-name: Googet\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget\n description: A package managed by GooGet.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n msi:\n type: object\n x-dcl-go-name: Msi\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi\n description: An MSI package.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - googet\n required:\n - source\n properties:\n properties:\n type: array\n x-dcl-go-name: Properties\n description: Additional properties to use during\n installation. This should be in the format of\n Property=Setting. Appended to the defaults of\n `ACTION=INSTALL REBOOT=ReallySuppress`.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource\n description: Required. The MSI package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n rpm:\n type: object\n x-dcl-go-name: Rpm\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm\n description: An rpm package file.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `rpm --upgrade\n --replacepkgs package.rpm` - install when true:\n `yum -y install package.rpm` or `zypper -y install\n package.rpm`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource\n description: Required. An rpm package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum\n description: A package managed by YUM.\n x-dcl-conflicts:\n - apt\n - deb\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper\n description: A package managed by Zypper.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n repository:\n type: object\n x-dcl-go-name: Repository\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository\n description: Package repository resource\n x-dcl-conflicts:\n - pkg\n - exec\n - file\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryApt\n description: An Apt Repository.\n x-dcl-conflicts:\n - yum\n - zypper\n - goo\n required:\n - archiveType\n - uri\n - distribution\n - components\n properties:\n archiveType:\n type: string\n x-dcl-go-name: ArchiveType\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptArchiveTypeEnum\n description: 'Required. Type of archive files\n in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED,\n DEB, DEB_SRC'\n enum:\n - ARCHIVE_TYPE_UNSPECIFIED\n - DEB\n - DEB_SRC\n components:\n type: array\n x-dcl-go-name: Components\n description: Required. List of components for\n this repository. Must contain at least one item.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n distribution:\n type: string\n x-dcl-go-name: Distribution\n description: Required. Distribution of this repository.\n gpgKey:\n type: string\n x-dcl-go-name: GpgKey\n description: URI of the key file for this repository.\n The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI for this repository.\n goo:\n type: object\n x-dcl-go-name: Goo\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGoo\n description: A Goo Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n required:\n - name\n - url\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. The name of the repository.\n url:\n type: string\n x-dcl-go-name: Url\n description: Required. The url of the repository.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYum\n description: A Yum Repository.\n x-dcl-conflicts:\n - apt\n - zypper\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the yum config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for resource conflicts.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypper\n description: A Zypper Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the zypper config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for GuestPolicy conflicts.\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: 'Output only. Indicates that reconciliation is in progress\n for the revision. This value is `true` when the `rollout_state` is one\n of: * IN_PROGRESS * CANCELLING'\n x-kubernetes-immutable: true\n revisionCreateTime:\n type: string\n format: date-time\n x-dcl-go-name: RevisionCreateTime\n readOnly: true\n description: Output only. The timestamp that the revision was created.\n x-kubernetes-immutable: true\n revisionId:\n type: string\n x-dcl-go-name: RevisionId\n readOnly: true\n description: Output only. The assignment revision ID A new revision is committed\n whenever a rollout is triggered for a OS policy assignment\n x-kubernetes-immutable: true\n rollout:\n type: object\n x-dcl-go-name: Rollout\n x-dcl-go-type: OSPolicyAssignmentRollout\n description: 'Required. Rollout to deploy the OS policy assignment. A rollout\n is triggered in the following situations: 1) OSPolicyAssignment is created.\n 2) OSPolicyAssignment is updated and the update contains changes to one\n of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment\n is deleted.'\n required:\n - disruptionBudget\n - minWaitDuration\n properties:\n disruptionBudget:\n type: object\n x-dcl-go-name: DisruptionBudget\n x-dcl-go-type: OSPolicyAssignmentRolloutDisruptionBudget\n description: Required. The maximum number (or percentage) of VMs per\n zone to disrupt at any given moment.\n properties:\n fixed:\n type: integer\n format: int64\n x-dcl-go-name: Fixed\n description: Specifies a fixed value.\n x-dcl-conflicts:\n - percent\n percent:\n type: integer\n format: int64\n x-dcl-go-name: Percent\n description: Specifies the relative value defined as a percentage,\n which will be multiplied by a reference value.\n x-dcl-conflicts:\n - fixed\n minWaitDuration:\n type: string\n x-dcl-go-name: MinWaitDuration\n description: Required. This determines the minimum duration of time\n to wait after the configuration changes are applied through the current\n rollout. A VM continues to count towards the `disruption_budget` at\n least until this duration of time has passed after configuration changes\n are applied.\n rolloutState:\n type: string\n x-dcl-go-name: RolloutState\n x-dcl-go-type: OSPolicyAssignmentRolloutStateEnum\n readOnly: true\n description: 'Output only. OS policy assignment rollout state Possible values:\n ROLLOUT_STATE_UNSPECIFIED, IN_PROGRESS, CANCELLING, CANCELLED, SUCCEEDED'\n x-kubernetes-immutable: true\n enum:\n - ROLLOUT_STATE_UNSPECIFIED\n - IN_PROGRESS\n - CANCELLING\n - CANCELLED\n - SUCCEEDED\n skipAwaitRollout:\n type: boolean\n x-dcl-go-name: SkipAwaitRollout\n description: Set to true to skip awaiting rollout during resource creation\n and update.\n x-dcl-mutable-unreadable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. Server generated unique id for the OS policy assignment\n resource.\n x-kubernetes-immutable: true\n") -// 73077 bytes -// MD5: 2e21685d807af0ec126ba8fd39ba7684 +// 73353 bytes +// MD5: fb683ef5ed536f19f669a17a052fb49d diff --git a/services/google/osconfig/beta/os_policy_assignment_internal.go b/services/google/osconfig/beta/os_policy_assignment_internal.go index c8e1e96c61..ea998bcdf8 100755 --- a/services/google/osconfig/beta/os_policy_assignment_internal.go +++ b/services/google/osconfig/beta/os_policy_assignment_internal.go @@ -22,7 +22,6 @@ import ( "strings" "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" - "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl/operations" ) func (r *OSPolicyAssignment) validate() error { @@ -639,22 +638,8 @@ func newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx context.Cont } else if !dcl.IsEmptyValueIndirect(v) { req["rollout"] = v } - b, err := c.getOSPolicyAssignmentRaw(ctx, f) - if err != nil { - return nil, err - } - var m map[string]interface{} - if err := json.Unmarshal(b, &m); err != nil { - return nil, err - } - rawEtag, err := dcl.GetMapEntry( - m, - []string{"etag"}, - ) - if err != nil { - c.Config.Logger.WarningWithContextf(ctx, "Failed to fetch from JSON Path: %v", err) - } else { - req["etag"] = rawEtag.(string) + if v := f.SkipAwaitRollout; !dcl.IsEmptyValueIndirect(v) { + req["skipAwaitRollout"] = v } return req, nil } @@ -663,6 +648,11 @@ func newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx context.Cont // the final JSON request body. func marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c *Client, m map[string]interface{}) ([]byte, error) { + dcl.MoveMapEntry( + m, + []string{"skipAwaitRollout"}, + []string{}, + ) return json.Marshal(m) } @@ -678,50 +668,6 @@ type updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation struct { // do will transcribe a subset of the resource into a request object and send a // PUT request to a single URL. -func (op *updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - _, err := c.GetOSPolicyAssignment(ctx, r) - if err != nil { - return err - } - - u, err := r.updateURL(c.Config.BasePath, "UpdateOSPolicyAssignment") - if err != nil { - return err - } - mask := dcl.TopLevelUpdateMask(op.FieldDiffs) - u, err = dcl.AddQueryParams(u, map[string]string{"updateMask": mask}) - if err != nil { - return err - } - - req, err := newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx, r, c) - if err != nil { - return err - } - - c.Config.Logger.InfoWithContextf(ctx, "Created update: %#v", req) - body, err := marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c, req) - if err != nil { - return err - } - resp, err := dcl.SendRequest(ctx, c.Config, "PATCH", u, bytes.NewBuffer(body), c.Config.RetryProvider) - if err != nil { - return err - } - - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - err = o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET") - - if err != nil { - return err - } - - return nil -} - func (c *Client) listOSPolicyAssignmentRaw(ctx context.Context, r *OSPolicyAssignment, pageToken string, pageSize int32) ([]byte, error) { u, err := r.urlNormalized().listURL(c.Config.BasePath) if err != nil { @@ -799,59 +745,6 @@ func (c *Client) deleteAllOSPolicyAssignment(ctx context.Context, f func(*OSPoli type deleteOSPolicyAssignmentOperation struct{} -func (op *deleteOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - r, err := c.GetOSPolicyAssignment(ctx, r) - if err != nil { - if dcl.IsNotFound(err) { - c.Config.Logger.InfoWithContextf(ctx, "OSPolicyAssignment not found, returning. Original error: %v", err) - return nil - } - c.Config.Logger.WarningWithContextf(ctx, "GetOSPolicyAssignment checking for existence. error: %v", err) - return err - } - - err = r.waitForNotReconciling(ctx, c) - if err != nil { - return err - } - u, err := r.deleteURL(c.Config.BasePath) - if err != nil { - return err - } - - // Delete should never have a body - body := &bytes.Buffer{} - resp, err := dcl.SendRequest(ctx, c.Config, "DELETE", u, body, c.Config.RetryProvider) - if err != nil { - return err - } - - // wait for object to be deleted. - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { - return err - } - - // We saw a race condition where for some successful delete operation, the Get calls returned resources for a short duration. - // This is the reason we are adding retry to handle that case. - retriesRemaining := 10 - dcl.Do(ctx, func(ctx context.Context) (*dcl.RetryDetails, error) { - _, err := c.GetOSPolicyAssignment(ctx, r) - if dcl.IsNotFound(err) { - return nil, nil - } - if retriesRemaining > 0 { - retriesRemaining-- - return &dcl.RetryDetails{}, dcl.OperationNotDone{} - } - return nil, dcl.NotDeletedError{ExistingResource: r} - }, c.Config.RetryProvider) - return nil -} - // Create operations are similar to Update operations, although they do not have // specific request objects. The Create request object is the json encoding of // the resource, which is modified by res.marshal to form the base request body. @@ -863,41 +756,6 @@ func (op *createOSPolicyAssignmentOperation) FirstResponse() (map[string]interfa return op.response, len(op.response) > 0 } -func (op *createOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - c.Config.Logger.InfoWithContextf(ctx, "Attempting to create %v", r) - u, err := r.createURL(c.Config.BasePath) - if err != nil { - return err - } - - req, err := r.marshal(c) - if err != nil { - return err - } - resp, err := dcl.SendRequest(ctx, c.Config, "POST", u, bytes.NewBuffer(req), c.Config.RetryProvider) - if err != nil { - return err - } - // wait for object to be created. - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { - c.Config.Logger.Warningf("Creation failed after waiting for operation: %v", err) - return err - } - c.Config.Logger.InfoWithContextf(ctx, "Successfully waited for operation") - op.response, _ = o.FirstResponse() - - if _, err := c.GetOSPolicyAssignment(ctx, r); err != nil { - c.Config.Logger.WarningWithContextf(ctx, "get returned error: %v", err) - return err - } - - return nil -} - func (c *Client) getOSPolicyAssignmentRaw(ctx context.Context, r *OSPolicyAssignment) ([]byte, error) { u, err := r.getURL(c.Config.BasePath) @@ -1017,6 +875,11 @@ func canonicalizeOSPolicyAssignmentDesiredState(rawDesired, rawInitial *OSPolicy } else { canonicalDesired.Location = rawDesired.Location } + if dcl.BoolCanonicalize(rawDesired.SkipAwaitRollout, rawInitial.SkipAwaitRollout) { + canonicalDesired.SkipAwaitRollout = rawInitial.SkipAwaitRollout + } else { + canonicalDesired.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } return canonicalDesired, nil } @@ -1119,6 +982,12 @@ func canonicalizeOSPolicyAssignmentNewState(c *Client, rawNew, rawDesired *OSPol rawNew.Location = rawDesired.Location + if dcl.IsEmptyValueIndirect(rawNew.SkipAwaitRollout) && dcl.IsEmptyValueIndirect(rawDesired.SkipAwaitRollout) { + rawNew.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } else { + rawNew.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } + return rawNew, nil } @@ -7250,6 +7119,13 @@ func diffOSPolicyAssignment(c *Client, desired, actual *OSPolicyAssignment, opts newDiffs = append(newDiffs, ds...) } + if ds, err := dcl.Diff(desired.SkipAwaitRollout, actual.SkipAwaitRollout, dcl.DiffInfo{OperationSelector: dcl.TriggersOperation("updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation")}, fn.AddNest("SkipAwaitRollout")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + newDiffs = append(newDiffs, ds...) + } + return newDiffs, nil } func compareOSPolicyAssignmentOSPoliciesNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { @@ -9218,6 +9094,11 @@ func (r *OSPolicyAssignment) marshal(c *Client) ([]byte, error) { if err != nil { return nil, fmt.Errorf("error marshalling OSPolicyAssignment: %w", err) } + dcl.MoveMapEntry( + m, + []string{"skipAwaitRollout"}, + []string{}, + ) return json.Marshal(m) } @@ -9278,6 +9159,9 @@ func expandOSPolicyAssignment(c *Client, f *OSPolicyAssignment) (map[string]inte } else if !dcl.IsEmptyValueIndirect(v) { m["location"] = v } + if v := f.SkipAwaitRollout; dcl.ValueShouldBeSent(v) { + m["skipAwaitRollout"] = v + } return m, nil } @@ -9309,6 +9193,7 @@ func flattenOSPolicyAssignment(c *Client, i interface{}, res *OSPolicyAssignment resultRes.Uid = dcl.FlattenString(m["uid"]) resultRes.Project = dcl.FlattenString(m["project"]) resultRes.Location = dcl.FlattenString(m["location"]) + resultRes.SkipAwaitRollout = dcl.FlattenBool(m["skipAwaitRollout"]) return resultRes } diff --git a/services/google/osconfig/beta/os_policy_assignment_schema.go b/services/google/osconfig/beta/os_policy_assignment_schema.go index bab63fd106..343ae979bf 100755 --- a/services/google/osconfig/beta/os_policy_assignment_schema.go +++ b/services/google/osconfig/beta/os_policy_assignment_schema.go @@ -103,6 +103,7 @@ func DCLOSPolicyAssignmentSchema() *dcl.Schema { "OSPolicyAssignment": &dcl.Component{ Title: "OSPolicyAssignment", ID: "projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}", + UsesStateHint: true, ParentContainer: "project", HasCreate: true, SchemaProperty: dcl.Property{ @@ -1461,6 +1462,12 @@ func DCLOSPolicyAssignmentSchema() *dcl.Schema { "SUCCEEDED", }, }, + "skipAwaitRollout": &dcl.Property{ + Type: "boolean", + GoName: "SkipAwaitRollout", + Description: "Set to true to skip awaiting rollout during resource creation and update.", + Unreadable: true, + }, "uid": &dcl.Property{ Type: "string", GoName: "Uid", diff --git a/services/google/osconfig/beta/osconfig_ga_utils.go b/services/google/osconfig/beta/osconfig_ga_utils.go index 05d15eefdb..fe4b99deb8 100755 --- a/services/google/osconfig/beta/osconfig_ga_utils.go +++ b/services/google/osconfig/beta/osconfig_ga_utils.go @@ -15,10 +15,12 @@ package beta import ( + "bytes" "context" "time" "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" + "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl/operations" ) // Returns true if m and n represent the same floating point value of seconds. @@ -55,3 +57,141 @@ func (r *OSPolicyAssignment) waitForNotReconciling(ctx context.Context, client * return nil, nil }, client.Config.RetryProvider) } + +func (op *createOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + c.Config.Logger.InfoWithContextf(ctx, "Attempting to create %v", r) + u, err := r.createURL(c.Config.BasePath) + if err != nil { + return err + } + + req, err := r.marshal(c) + if err != nil { + return err + } + resp, err := dcl.SendRequest(ctx, c.Config, "POST", u, bytes.NewBuffer(req), c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + // wait for object to be created. + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { + c.Config.Logger.Warningf("Creation failed after waiting for operation: %v", err) + return err + } + c.Config.Logger.InfoWithContextf(ctx, "Successfully waited for operation") + op.response, _ = o.FirstResponse() + } + + if _, err := c.GetOSPolicyAssignment(ctx, r); err != nil { + c.Config.Logger.WarningWithContextf(ctx, "get returned error: %v", err) + return err + } + + return nil +} + +func (op *updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + _, err := c.GetOSPolicyAssignment(ctx, r) + if err != nil { + return err + } + + u, err := r.updateURL(c.Config.BasePath, "UpdateOSPolicyAssignment") + if err != nil { + return err + } + mask := dcl.TopLevelUpdateMask(op.FieldDiffs) + u, err = dcl.AddQueryParams(u, map[string]string{"updateMask": mask}) + if err != nil { + return err + } + + req, err := newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx, r, c) + if err != nil { + return err + } + + c.Config.Logger.InfoWithContextf(ctx, "Created update: %#v", req) + body, err := marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c, req) + if err != nil { + return err + } + resp, err := dcl.SendRequest(ctx, c.Config, "PATCH", u, bytes.NewBuffer(body), c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + err = o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET") + + if err != nil { + return err + } + } + + return nil +} + +func (op *deleteOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + r, err := c.GetOSPolicyAssignment(ctx, r) + if err != nil { + if dcl.IsNotFound(err) { + c.Config.Logger.InfoWithContextf(ctx, "OSPolicyAssignment not found, returning. Original error: %v", err) + return nil + } + c.Config.Logger.WarningWithContextf(ctx, "GetOSPolicyAssignment checking for existence. error: %v", err) + return err + } + err = r.waitForNotReconciling(ctx, c) + if err != nil { + return err + } + u, err := r.deleteURL(c.Config.BasePath) + if err != nil { + return err + } + + // Delete should never have a body + body := &bytes.Buffer{} + resp, err := dcl.SendRequest(ctx, c.Config, "DELETE", u, body, c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + // wait for object to be deleted. + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { + return err + } + } + + // We saw a race condition where for some successful delete operation, the Get calls returned resources for a short duration. + // This is the reason we are adding retry to handle that case. + retriesRemaining := 10 + dcl.Do(ctx, func(ctx context.Context) (*dcl.RetryDetails, error) { + _, err := c.GetOSPolicyAssignment(ctx, r) + if dcl.IsNotFound(err) { + return nil, nil + } + if retriesRemaining > 0 { + retriesRemaining-- + return &dcl.RetryDetails{}, dcl.OperationNotDone{} + } + return nil, dcl.NotDeletedError{ExistingResource: r} + }, c.Config.RetryProvider) + return nil +} diff --git a/services/google/osconfig/os_policy_assignment.go b/services/google/osconfig/os_policy_assignment.go index cce1b3f9c7..4139e8c10f 100755 --- a/services/google/osconfig/os_policy_assignment.go +++ b/services/google/osconfig/os_policy_assignment.go @@ -40,6 +40,7 @@ type OSPolicyAssignment struct { Uid *string `json:"uid"` Project *string `json:"project"` Location *string `json:"location"` + SkipAwaitRollout *bool `json:"skipAwaitRollout"` } func (r *OSPolicyAssignment) String() string { @@ -2603,6 +2604,7 @@ func (r *OSPolicyAssignment) ID() (string, error) { "uid": dcl.ValueOrEmptyString(nr.Uid), "project": dcl.ValueOrEmptyString(nr.Project), "location": dcl.ValueOrEmptyString(nr.Location), + "skip_await_rollout": dcl.ValueOrEmptyString(nr.SkipAwaitRollout), } return dcl.Nprintf("projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}", params), nil } diff --git a/services/google/osconfig/os_policy_assignment.yaml b/services/google/osconfig/os_policy_assignment.yaml index cad8f2e01f..4b9dbbd39c 100755 --- a/services/google/osconfig/os_policy_assignment.yaml +++ b/services/google/osconfig/os_policy_assignment.yaml @@ -65,6 +65,7 @@ components: OSPolicyAssignment: title: OSPolicyAssignment x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}} + x-dcl-uses-state-hint: true x-dcl-parent-container: project x-dcl-has-create: true x-dcl-has-iam: false @@ -1337,6 +1338,12 @@ components: - CANCELLING - CANCELLED - SUCCEEDED + skipAwaitRollout: + type: boolean + x-dcl-go-name: SkipAwaitRollout + description: Set to true to skip awaiting rollout during resource creation + and update. + x-dcl-mutable-unreadable: true uid: type: string x-dcl-go-name: Uid diff --git a/services/google/osconfig/os_policy_assignment_internal.go b/services/google/osconfig/os_policy_assignment_internal.go index a7ee6716ad..1a0d4a5aac 100755 --- a/services/google/osconfig/os_policy_assignment_internal.go +++ b/services/google/osconfig/os_policy_assignment_internal.go @@ -22,7 +22,6 @@ import ( "strings" "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" - "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl/operations" ) func (r *OSPolicyAssignment) validate() error { @@ -639,22 +638,8 @@ func newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx context.Cont } else if !dcl.IsEmptyValueIndirect(v) { req["rollout"] = v } - b, err := c.getOSPolicyAssignmentRaw(ctx, f) - if err != nil { - return nil, err - } - var m map[string]interface{} - if err := json.Unmarshal(b, &m); err != nil { - return nil, err - } - rawEtag, err := dcl.GetMapEntry( - m, - []string{"etag"}, - ) - if err != nil { - c.Config.Logger.WarningWithContextf(ctx, "Failed to fetch from JSON Path: %v", err) - } else { - req["etag"] = rawEtag.(string) + if v := f.SkipAwaitRollout; !dcl.IsEmptyValueIndirect(v) { + req["skipAwaitRollout"] = v } return req, nil } @@ -663,6 +648,11 @@ func newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx context.Cont // the final JSON request body. func marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c *Client, m map[string]interface{}) ([]byte, error) { + dcl.MoveMapEntry( + m, + []string{"skipAwaitRollout"}, + []string{}, + ) return json.Marshal(m) } @@ -678,50 +668,6 @@ type updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation struct { // do will transcribe a subset of the resource into a request object and send a // PUT request to a single URL. -func (op *updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - _, err := c.GetOSPolicyAssignment(ctx, r) - if err != nil { - return err - } - - u, err := r.updateURL(c.Config.BasePath, "UpdateOSPolicyAssignment") - if err != nil { - return err - } - mask := dcl.TopLevelUpdateMask(op.FieldDiffs) - u, err = dcl.AddQueryParams(u, map[string]string{"updateMask": mask}) - if err != nil { - return err - } - - req, err := newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx, r, c) - if err != nil { - return err - } - - c.Config.Logger.InfoWithContextf(ctx, "Created update: %#v", req) - body, err := marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c, req) - if err != nil { - return err - } - resp, err := dcl.SendRequest(ctx, c.Config, "PATCH", u, bytes.NewBuffer(body), c.Config.RetryProvider) - if err != nil { - return err - } - - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - err = o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET") - - if err != nil { - return err - } - - return nil -} - func (c *Client) listOSPolicyAssignmentRaw(ctx context.Context, r *OSPolicyAssignment, pageToken string, pageSize int32) ([]byte, error) { u, err := r.urlNormalized().listURL(c.Config.BasePath) if err != nil { @@ -799,59 +745,6 @@ func (c *Client) deleteAllOSPolicyAssignment(ctx context.Context, f func(*OSPoli type deleteOSPolicyAssignmentOperation struct{} -func (op *deleteOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - r, err := c.GetOSPolicyAssignment(ctx, r) - if err != nil { - if dcl.IsNotFound(err) { - c.Config.Logger.InfoWithContextf(ctx, "OSPolicyAssignment not found, returning. Original error: %v", err) - return nil - } - c.Config.Logger.WarningWithContextf(ctx, "GetOSPolicyAssignment checking for existence. error: %v", err) - return err - } - - err = r.waitForNotReconciling(ctx, c) - if err != nil { - return err - } - u, err := r.deleteURL(c.Config.BasePath) - if err != nil { - return err - } - - // Delete should never have a body - body := &bytes.Buffer{} - resp, err := dcl.SendRequest(ctx, c.Config, "DELETE", u, body, c.Config.RetryProvider) - if err != nil { - return err - } - - // wait for object to be deleted. - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { - return err - } - - // We saw a race condition where for some successful delete operation, the Get calls returned resources for a short duration. - // This is the reason we are adding retry to handle that case. - retriesRemaining := 10 - dcl.Do(ctx, func(ctx context.Context) (*dcl.RetryDetails, error) { - _, err := c.GetOSPolicyAssignment(ctx, r) - if dcl.IsNotFound(err) { - return nil, nil - } - if retriesRemaining > 0 { - retriesRemaining-- - return &dcl.RetryDetails{}, dcl.OperationNotDone{} - } - return nil, dcl.NotDeletedError{ExistingResource: r} - }, c.Config.RetryProvider) - return nil -} - // Create operations are similar to Update operations, although they do not have // specific request objects. The Create request object is the json encoding of // the resource, which is modified by res.marshal to form the base request body. @@ -863,41 +756,6 @@ func (op *createOSPolicyAssignmentOperation) FirstResponse() (map[string]interfa return op.response, len(op.response) > 0 } -func (op *createOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { - c.Config.Logger.InfoWithContextf(ctx, "Attempting to create %v", r) - u, err := r.createURL(c.Config.BasePath) - if err != nil { - return err - } - - req, err := r.marshal(c) - if err != nil { - return err - } - resp, err := dcl.SendRequest(ctx, c.Config, "POST", u, bytes.NewBuffer(req), c.Config.RetryProvider) - if err != nil { - return err - } - // wait for object to be created. - var o operations.StandardGCPOperation - if err := dcl.ParseResponse(resp.Response, &o); err != nil { - return err - } - if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { - c.Config.Logger.Warningf("Creation failed after waiting for operation: %v", err) - return err - } - c.Config.Logger.InfoWithContextf(ctx, "Successfully waited for operation") - op.response, _ = o.FirstResponse() - - if _, err := c.GetOSPolicyAssignment(ctx, r); err != nil { - c.Config.Logger.WarningWithContextf(ctx, "get returned error: %v", err) - return err - } - - return nil -} - func (c *Client) getOSPolicyAssignmentRaw(ctx context.Context, r *OSPolicyAssignment) ([]byte, error) { u, err := r.getURL(c.Config.BasePath) @@ -1017,6 +875,11 @@ func canonicalizeOSPolicyAssignmentDesiredState(rawDesired, rawInitial *OSPolicy } else { canonicalDesired.Location = rawDesired.Location } + if dcl.BoolCanonicalize(rawDesired.SkipAwaitRollout, rawInitial.SkipAwaitRollout) { + canonicalDesired.SkipAwaitRollout = rawInitial.SkipAwaitRollout + } else { + canonicalDesired.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } return canonicalDesired, nil } @@ -1119,6 +982,12 @@ func canonicalizeOSPolicyAssignmentNewState(c *Client, rawNew, rawDesired *OSPol rawNew.Location = rawDesired.Location + if dcl.IsEmptyValueIndirect(rawNew.SkipAwaitRollout) && dcl.IsEmptyValueIndirect(rawDesired.SkipAwaitRollout) { + rawNew.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } else { + rawNew.SkipAwaitRollout = rawDesired.SkipAwaitRollout + } + return rawNew, nil } @@ -7250,6 +7119,13 @@ func diffOSPolicyAssignment(c *Client, desired, actual *OSPolicyAssignment, opts newDiffs = append(newDiffs, ds...) } + if ds, err := dcl.Diff(desired.SkipAwaitRollout, actual.SkipAwaitRollout, dcl.DiffInfo{OperationSelector: dcl.TriggersOperation("updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation")}, fn.AddNest("SkipAwaitRollout")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + newDiffs = append(newDiffs, ds...) + } + return newDiffs, nil } func compareOSPolicyAssignmentOSPoliciesNewStyle(d, a interface{}, fn dcl.FieldName) ([]*dcl.FieldDiff, error) { @@ -9218,6 +9094,11 @@ func (r *OSPolicyAssignment) marshal(c *Client) ([]byte, error) { if err != nil { return nil, fmt.Errorf("error marshalling OSPolicyAssignment: %w", err) } + dcl.MoveMapEntry( + m, + []string{"skipAwaitRollout"}, + []string{}, + ) return json.Marshal(m) } @@ -9278,6 +9159,9 @@ func expandOSPolicyAssignment(c *Client, f *OSPolicyAssignment) (map[string]inte } else if !dcl.IsEmptyValueIndirect(v) { m["location"] = v } + if v := f.SkipAwaitRollout; dcl.ValueShouldBeSent(v) { + m["skipAwaitRollout"] = v + } return m, nil } @@ -9309,6 +9193,7 @@ func flattenOSPolicyAssignment(c *Client, i interface{}, res *OSPolicyAssignment resultRes.Uid = dcl.FlattenString(m["uid"]) resultRes.Project = dcl.FlattenString(m["project"]) resultRes.Location = dcl.FlattenString(m["location"]) + resultRes.SkipAwaitRollout = dcl.FlattenBool(m["skipAwaitRollout"]) return resultRes } diff --git a/services/google/osconfig/os_policy_assignment_schema.go b/services/google/osconfig/os_policy_assignment_schema.go index d45a86b2b4..b4d64e9b35 100755 --- a/services/google/osconfig/os_policy_assignment_schema.go +++ b/services/google/osconfig/os_policy_assignment_schema.go @@ -103,6 +103,7 @@ func DCLOSPolicyAssignmentSchema() *dcl.Schema { "OSPolicyAssignment": &dcl.Component{ Title: "OSPolicyAssignment", ID: "projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}", + UsesStateHint: true, ParentContainer: "project", HasCreate: true, SchemaProperty: dcl.Property{ @@ -1461,6 +1462,12 @@ func DCLOSPolicyAssignmentSchema() *dcl.Schema { "SUCCEEDED", }, }, + "skipAwaitRollout": &dcl.Property{ + Type: "boolean", + GoName: "SkipAwaitRollout", + Description: "Set to true to skip awaiting rollout during resource creation and update.", + Unreadable: true, + }, "uid": &dcl.Property{ Type: "string", GoName: "Uid", diff --git a/services/google/osconfig/os_policy_assignment_yaml_embed.go b/services/google/osconfig/os_policy_assignment_yaml_embed.go index aad04b400c..72c3aaf7ad 100755 --- a/services/google/osconfig/os_policy_assignment_yaml_embed.go +++ b/services/google/osconfig/os_policy_assignment_yaml_embed.go @@ -17,7 +17,7 @@ package osconfig // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/osconfig/os_policy_assignment.yaml -var YAML_os_policy_assignment = []byte("info:\n title: OSConfig/OSPolicyAssignment\n description: Represents an OSPolicyAssignment resource.\n x-dcl-struct-name: OSPolicyAssignment\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API documentation\n url: https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments\npaths:\n get:\n description: The function used to get information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n apply:\n description: The function used to apply information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n delete:\n description: The function used to delete a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n deleteAll:\n description: The function used to delete all OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n OSPolicyAssignment:\n title: OSPolicyAssignment\n x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - osPolicies\n - instanceFilter\n - rollout\n - project\n - location\n properties:\n baseline:\n type: boolean\n x-dcl-go-name: Baseline\n readOnly: true\n description: Output only. Indicates that this revision has been successfully\n rolled out in this zone and new VMs will be assigned OS policies from\n this revision. For a given OS policy assignment, there is only one revision\n with a value of `true` for this field.\n x-kubernetes-immutable: true\n deleted:\n type: boolean\n x-dcl-go-name: Deleted\n readOnly: true\n description: Output only. Indicates that this revision deletes the OS policy\n assignment.\n x-kubernetes-immutable: true\n description:\n type: string\n x-dcl-go-name: Description\n description: OS policy assignment description. Length of the description\n is limited to 1024 characters.\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: The etag for this OS policy assignment. If this is provided\n on update, it must match the server's etag.\n x-kubernetes-immutable: true\n instanceFilter:\n type: object\n x-dcl-go-name: InstanceFilter\n x-dcl-go-type: OSPolicyAssignmentInstanceFilter\n description: Required. Filter to select VMs.\n properties:\n all:\n type: boolean\n x-dcl-go-name: All\n description: Target all VMs in the project. If true, no other criteria\n is permitted.\n x-dcl-send-empty: true\n exclusionLabels:\n type: array\n x-dcl-go-name: ExclusionLabels\n description: List of label sets used for VM exclusion. If the list has\n more than one label set, the VM is excluded if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterExclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inclusionLabels:\n type: array\n x-dcl-go-name: InclusionLabels\n description: List of label sets used for VM inclusion. If the list has\n more than one `LabelSet`, the VM is included if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inventories:\n type: array\n x-dcl-go-name: Inventories\n description: List of inventories to select VMs. A VM is selected if\n its inventory data matches at least one of the following inventories.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInventories\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported if asterisk(*)\n is provided as the last character. For example, to match all\n versions with a major version of `7`, specify the following\n value for this field `7.*` An empty string matches all OS versions.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Resource name.\n x-kubernetes-immutable: true\n osPolicies:\n type: array\n x-dcl-go-name: OSPolicies\n description: Required. List of OS policies to be applied to the VMs.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPolicies\n required:\n - id\n - mode\n - resourceGroups\n properties:\n allowNoResourceGroupMatch:\n type: boolean\n x-dcl-go-name: AllowNoResourceGroupMatch\n description: This flag determines the OS policy compliance status\n when none of the resource groups within the policy are applicable\n for a VM. Set this value to `true` if the policy needs to be reported\n as compliant even if the policy has nothing to validate or enforce.\n description:\n type: string\n x-dcl-go-name: Description\n description: Policy description. Length of the description is limited\n to 1024 characters.\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the OS policy with the following\n restrictions: * Must contain only lowercase letters, numbers, and\n hyphens. * Must start with a letter. * Must be between 1-63 characters.\n * Must end with a number or a letter. * Must be unique within the\n assignment.'\n mode:\n type: string\n x-dcl-go-name: Mode\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesModeEnum\n description: 'Required. Policy mode Possible values: MODE_UNSPECIFIED,\n VALIDATION, ENFORCEMENT'\n enum:\n - MODE_UNSPECIFIED\n - VALIDATION\n - ENFORCEMENT\n resourceGroups:\n type: array\n x-dcl-go-name: ResourceGroups\n description: Required. List of resource groups for the policy. For\n a particular VM, resource groups are evaluated in the order specified\n and the first resource group that is applicable is selected and\n the rest are ignored. If none of the resource groups are applicable\n for a VM, the VM is considered to be non-compliant w.r.t this policy.\n This behavior can be toggled by the flag `allow_no_resource_group_match`\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroups\n required:\n - resources\n properties:\n inventoryFilters:\n type: array\n x-dcl-go-name: InventoryFilters\n description: 'List of inventory filters for the resource group.\n The resources in this resource group are applied to the target\n VM if it satisfies at least one of the following inventory\n filters. For example, to apply this resource group to VMs\n running either `RHEL` or `CentOS` operating systems, specify\n 2 items for the list with following values: inventory_filters[0].os_short_name=''rhel''\n and inventory_filters[1].os_short_name=''centos'' If the list\n is empty, this resource group will be applied to the target\n VM unconditionally.'\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsInventoryFilters\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported\n if asterisk(*) is provided as the last character. For\n example, to match all versions with a major version\n of `7`, specify the following value for this field `7.*`\n An empty string matches all OS versions.\n resources:\n type: array\n x-dcl-go-name: Resources\n description: Required. List of resources configured for this\n resource group. The resources are executed in the exact order\n specified here.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResources\n required:\n - id\n properties:\n exec:\n type: object\n x-dcl-go-name: Exec\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec\n description: Exec resource\n x-dcl-conflicts:\n - pkg\n - repository\n - file\n required:\n - validate\n properties:\n enforce:\n type: object\n x-dcl-go-name: Enforce\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce\n description: What to run to bring this resource into\n the desired state. An exit code of 100 indicates\n \"success\", any other exit code indicates a failure\n running enforce.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n validate:\n type: object\n x-dcl-go-name: Validate\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate\n description: Required. What to run to validate this\n resource is in the desired state. An exit code of\n 100 indicates \"in desired state\", and exit code\n of 101 indicates \"not in desired state\". Any other\n exit code indicates a failure running validate.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile\n description: File resource\n x-dcl-conflicts:\n - pkg\n - repository\n - exec\n required:\n - path\n - state\n properties:\n content:\n type: string\n x-dcl-go-name: Content\n description: A a file with this content. The size\n of the content is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile\n description: A remote or local source.\n x-dcl-conflicts:\n - content\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false, files\n are subject to validations based on the file\n type: Remote: A checksum must be specified.\n Cloud Storage: An object generation number must\n be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the Cloud\n Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud Storage\n object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which to fetch\n the object. It should contain both the protocol\n and path following the format `{protocol}://{location}`.\n path:\n type: string\n x-dcl-go-name: Path\n description: Required. The absolute path of the file\n within the VM.\n permissions:\n type: string\n x-dcl-go-name: Permissions\n readOnly: true\n description: 'Consists of three octal digits which\n represent, in order, the permissions of the owner,\n group, and other users for the file (similarly to\n the numeric mode used in the linux chmod utility).\n Each digit represents a three bit number with the\n 4 bit corresponding to the read permissions, the\n 2 bit corresponds to the write bit, and the one\n bit corresponds to the execute permission. Default\n behavior is 755. Below are some examples of permissions\n and their associated values: read, write, and execute:\n 7 read and execute: 5 read and write: 6 read only:\n 4'\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnum\n description: 'Required. Desired state of the file.\n Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED,\n COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE'\n enum:\n - OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED\n - COMPLIANT\n - NON_COMPLIANT\n - UNKNOWN\n - NO_OS_POLICIES_APPLICABLE\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the resource with the\n following restrictions: * Must contain only lowercase\n letters, numbers, and hyphens. * Must start with a letter.\n * Must be between 1-63 characters. * Must end with a\n number or a letter. * Must be unique within the OS policy.'\n pkg:\n type: object\n x-dcl-go-name: Pkg\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg\n description: Package resource\n x-dcl-conflicts:\n - repository\n - exec\n - file\n required:\n - desiredState\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt\n description: A package managed by Apt.\n x-dcl-conflicts:\n - deb\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n deb:\n type: object\n x-dcl-go-name: Deb\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb\n description: A deb package file.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `dpkg -i\n package` - install when true: `apt-get update\n && apt-get -y install package.deb`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource\n description: Required. A deb package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n desiredState:\n type: string\n x-dcl-go-name: DesiredState\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnum\n description: 'Required. The desired state the agent\n should maintain for this package. Possible values:\n DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED'\n enum:\n - DESIRED_STATE_UNSPECIFIED\n - INSTALLED\n - REMOVED\n googet:\n type: object\n x-dcl-go-name: Googet\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget\n description: A package managed by GooGet.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n msi:\n type: object\n x-dcl-go-name: Msi\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi\n description: An MSI package.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - googet\n required:\n - source\n properties:\n properties:\n type: array\n x-dcl-go-name: Properties\n description: Additional properties to use during\n installation. This should be in the format of\n Property=Setting. Appended to the defaults of\n `ACTION=INSTALL REBOOT=ReallySuppress`.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource\n description: Required. The MSI package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n rpm:\n type: object\n x-dcl-go-name: Rpm\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm\n description: An rpm package file.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `rpm --upgrade\n --replacepkgs package.rpm` - install when true:\n `yum -y install package.rpm` or `zypper -y install\n package.rpm`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource\n description: Required. An rpm package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum\n description: A package managed by YUM.\n x-dcl-conflicts:\n - apt\n - deb\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper\n description: A package managed by Zypper.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n repository:\n type: object\n x-dcl-go-name: Repository\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository\n description: Package repository resource\n x-dcl-conflicts:\n - pkg\n - exec\n - file\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryApt\n description: An Apt Repository.\n x-dcl-conflicts:\n - yum\n - zypper\n - goo\n required:\n - archiveType\n - uri\n - distribution\n - components\n properties:\n archiveType:\n type: string\n x-dcl-go-name: ArchiveType\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptArchiveTypeEnum\n description: 'Required. Type of archive files\n in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED,\n DEB, DEB_SRC'\n enum:\n - ARCHIVE_TYPE_UNSPECIFIED\n - DEB\n - DEB_SRC\n components:\n type: array\n x-dcl-go-name: Components\n description: Required. List of components for\n this repository. Must contain at least one item.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n distribution:\n type: string\n x-dcl-go-name: Distribution\n description: Required. Distribution of this repository.\n gpgKey:\n type: string\n x-dcl-go-name: GpgKey\n description: URI of the key file for this repository.\n The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI for this repository.\n goo:\n type: object\n x-dcl-go-name: Goo\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGoo\n description: A Goo Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n required:\n - name\n - url\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. The name of the repository.\n url:\n type: string\n x-dcl-go-name: Url\n description: Required. The url of the repository.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYum\n description: A Yum Repository.\n x-dcl-conflicts:\n - apt\n - zypper\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the yum config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for resource conflicts.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypper\n description: A Zypper Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the zypper config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for GuestPolicy conflicts.\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: 'Output only. Indicates that reconciliation is in progress\n for the revision. This value is `true` when the `rollout_state` is one\n of: * IN_PROGRESS * CANCELLING'\n x-kubernetes-immutable: true\n revisionCreateTime:\n type: string\n format: date-time\n x-dcl-go-name: RevisionCreateTime\n readOnly: true\n description: Output only. The timestamp that the revision was created.\n x-kubernetes-immutable: true\n revisionId:\n type: string\n x-dcl-go-name: RevisionId\n readOnly: true\n description: Output only. The assignment revision ID A new revision is committed\n whenever a rollout is triggered for a OS policy assignment\n x-kubernetes-immutable: true\n rollout:\n type: object\n x-dcl-go-name: Rollout\n x-dcl-go-type: OSPolicyAssignmentRollout\n description: 'Required. Rollout to deploy the OS policy assignment. A rollout\n is triggered in the following situations: 1) OSPolicyAssignment is created.\n 2) OSPolicyAssignment is updated and the update contains changes to one\n of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment\n is deleted.'\n required:\n - disruptionBudget\n - minWaitDuration\n properties:\n disruptionBudget:\n type: object\n x-dcl-go-name: DisruptionBudget\n x-dcl-go-type: OSPolicyAssignmentRolloutDisruptionBudget\n description: Required. The maximum number (or percentage) of VMs per\n zone to disrupt at any given moment.\n properties:\n fixed:\n type: integer\n format: int64\n x-dcl-go-name: Fixed\n description: Specifies a fixed value.\n x-dcl-conflicts:\n - percent\n percent:\n type: integer\n format: int64\n x-dcl-go-name: Percent\n description: Specifies the relative value defined as a percentage,\n which will be multiplied by a reference value.\n x-dcl-conflicts:\n - fixed\n minWaitDuration:\n type: string\n x-dcl-go-name: MinWaitDuration\n description: Required. This determines the minimum duration of time\n to wait after the configuration changes are applied through the current\n rollout. A VM continues to count towards the `disruption_budget` at\n least until this duration of time has passed after configuration changes\n are applied.\n rolloutState:\n type: string\n x-dcl-go-name: RolloutState\n x-dcl-go-type: OSPolicyAssignmentRolloutStateEnum\n readOnly: true\n description: 'Output only. OS policy assignment rollout state Possible values:\n ROLLOUT_STATE_UNSPECIFIED, IN_PROGRESS, CANCELLING, CANCELLED, SUCCEEDED'\n x-kubernetes-immutable: true\n enum:\n - ROLLOUT_STATE_UNSPECIFIED\n - IN_PROGRESS\n - CANCELLING\n - CANCELLED\n - SUCCEEDED\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. Server generated unique id for the OS policy assignment\n resource.\n x-kubernetes-immutable: true\n") +var YAML_os_policy_assignment = []byte("info:\n title: OSConfig/OSPolicyAssignment\n description: Represents an OSPolicyAssignment resource.\n x-dcl-struct-name: OSPolicyAssignment\n x-dcl-has-iam: false\n x-dcl-ref:\n text: API documentation\n url: https://cloud.google.com/compute/docs/osconfig/rest/v1/projects.locations.osPolicyAssignments\npaths:\n get:\n description: The function used to get information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n apply:\n description: The function used to apply information about a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n delete:\n description: The function used to delete a OSPolicyAssignment\n parameters:\n - name: oSPolicyAssignment\n required: true\n description: A full instance of a OSPolicyAssignment\n deleteAll:\n description: The function used to delete all OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many OSPolicyAssignment\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n OSPolicyAssignment:\n title: OSPolicyAssignment\n x-dcl-id: projects/{{project}}/locations/{{location}}/osPolicyAssignments/{{name}}\n x-dcl-uses-state-hint: true\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - name\n - osPolicies\n - instanceFilter\n - rollout\n - project\n - location\n properties:\n baseline:\n type: boolean\n x-dcl-go-name: Baseline\n readOnly: true\n description: Output only. Indicates that this revision has been successfully\n rolled out in this zone and new VMs will be assigned OS policies from\n this revision. For a given OS policy assignment, there is only one revision\n with a value of `true` for this field.\n x-kubernetes-immutable: true\n deleted:\n type: boolean\n x-dcl-go-name: Deleted\n readOnly: true\n description: Output only. Indicates that this revision deletes the OS policy\n assignment.\n x-kubernetes-immutable: true\n description:\n type: string\n x-dcl-go-name: Description\n description: OS policy assignment description. Length of the description\n is limited to 1024 characters.\n etag:\n type: string\n x-dcl-go-name: Etag\n readOnly: true\n description: The etag for this OS policy assignment. If this is provided\n on update, it must match the server's etag.\n x-kubernetes-immutable: true\n instanceFilter:\n type: object\n x-dcl-go-name: InstanceFilter\n x-dcl-go-type: OSPolicyAssignmentInstanceFilter\n description: Required. Filter to select VMs.\n properties:\n all:\n type: boolean\n x-dcl-go-name: All\n description: Target all VMs in the project. If true, no other criteria\n is permitted.\n x-dcl-send-empty: true\n exclusionLabels:\n type: array\n x-dcl-go-name: ExclusionLabels\n description: List of label sets used for VM exclusion. If the list has\n more than one label set, the VM is excluded if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterExclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inclusionLabels:\n type: array\n x-dcl-go-name: InclusionLabels\n description: List of label sets used for VM inclusion. If the list has\n more than one `LabelSet`, the VM is included if any of the label sets\n are applicable for the VM.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInclusionLabels\n properties:\n labels:\n type: object\n additionalProperties:\n type: string\n x-dcl-go-name: Labels\n description: Labels are identified by key/value pairs in this\n map. A VM should contain all the key/value pairs specified in\n this map to be selected.\n inventories:\n type: array\n x-dcl-go-name: Inventories\n description: List of inventories to select VMs. A VM is selected if\n its inventory data matches at least one of the following inventories.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentInstanceFilterInventories\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported if asterisk(*)\n is provided as the last character. For example, to match all\n versions with a major version of `7`, specify the following\n value for this field `7.*` An empty string matches all OS versions.\n location:\n type: string\n x-dcl-go-name: Location\n description: The location for the resource\n x-kubernetes-immutable: true\n name:\n type: string\n x-dcl-go-name: Name\n description: Resource name.\n x-kubernetes-immutable: true\n osPolicies:\n type: array\n x-dcl-go-name: OSPolicies\n description: Required. List of OS policies to be applied to the VMs.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPolicies\n required:\n - id\n - mode\n - resourceGroups\n properties:\n allowNoResourceGroupMatch:\n type: boolean\n x-dcl-go-name: AllowNoResourceGroupMatch\n description: This flag determines the OS policy compliance status\n when none of the resource groups within the policy are applicable\n for a VM. Set this value to `true` if the policy needs to be reported\n as compliant even if the policy has nothing to validate or enforce.\n description:\n type: string\n x-dcl-go-name: Description\n description: Policy description. Length of the description is limited\n to 1024 characters.\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the OS policy with the following\n restrictions: * Must contain only lowercase letters, numbers, and\n hyphens. * Must start with a letter. * Must be between 1-63 characters.\n * Must end with a number or a letter. * Must be unique within the\n assignment.'\n mode:\n type: string\n x-dcl-go-name: Mode\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesModeEnum\n description: 'Required. Policy mode Possible values: MODE_UNSPECIFIED,\n VALIDATION, ENFORCEMENT'\n enum:\n - MODE_UNSPECIFIED\n - VALIDATION\n - ENFORCEMENT\n resourceGroups:\n type: array\n x-dcl-go-name: ResourceGroups\n description: Required. List of resource groups for the policy. For\n a particular VM, resource groups are evaluated in the order specified\n and the first resource group that is applicable is selected and\n the rest are ignored. If none of the resource groups are applicable\n for a VM, the VM is considered to be non-compliant w.r.t this policy.\n This behavior can be toggled by the flag `allow_no_resource_group_match`\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroups\n required:\n - resources\n properties:\n inventoryFilters:\n type: array\n x-dcl-go-name: InventoryFilters\n description: 'List of inventory filters for the resource group.\n The resources in this resource group are applied to the target\n VM if it satisfies at least one of the following inventory\n filters. For example, to apply this resource group to VMs\n running either `RHEL` or `CentOS` operating systems, specify\n 2 items for the list with following values: inventory_filters[0].os_short_name=''rhel''\n and inventory_filters[1].os_short_name=''centos'' If the list\n is empty, this resource group will be applied to the target\n VM unconditionally.'\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsInventoryFilters\n required:\n - osShortName\n properties:\n osShortName:\n type: string\n x-dcl-go-name: OSShortName\n description: Required. The OS short name\n osVersion:\n type: string\n x-dcl-go-name: OSVersion\n description: The OS version Prefix matches are supported\n if asterisk(*) is provided as the last character. For\n example, to match all versions with a major version\n of `7`, specify the following value for this field `7.*`\n An empty string matches all OS versions.\n resources:\n type: array\n x-dcl-go-name: Resources\n description: Required. List of resources configured for this\n resource group. The resources are executed in the exact order\n specified here.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResources\n required:\n - id\n properties:\n exec:\n type: object\n x-dcl-go-name: Exec\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExec\n description: Exec resource\n x-dcl-conflicts:\n - pkg\n - repository\n - file\n required:\n - validate\n properties:\n enforce:\n type: object\n x-dcl-go-name: Enforce\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforce\n description: What to run to bring this resource into\n the desired state. An exit code of 100 indicates\n \"success\", any other exit code indicates a failure\n running enforce.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecEnforceInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n validate:\n type: object\n x-dcl-go-name: Validate\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidate\n description: Required. What to run to validate this\n resource is in the desired state. An exit code of\n 100 indicates \"in desired state\", and exit code\n of 101 indicates \"not in desired state\". Any other\n exit code indicates a failure running validate.\n required:\n - interpreter\n properties:\n args:\n type: array\n x-dcl-go-name: Args\n description: Optional arguments to pass to the\n source during execution.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFile\n description: A remote or local file.\n x-dcl-conflicts:\n - script\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n interpreter:\n type: string\n x-dcl-go-name: Interpreter\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesExecValidateInterpreterEnum\n description: 'Required. The script interpreter\n to use. Possible values: INTERPRETER_UNSPECIFIED,\n NONE, SHELL, POWERSHELL'\n enum:\n - INTERPRETER_UNSPECIFIED\n - NONE\n - SHELL\n - POWERSHELL\n outputFilePath:\n type: string\n x-dcl-go-name: OutputFilePath\n description: Only recorded for enforce Exec. Path\n to an output file (that is created by this Exec)\n whose content will be recorded in OSPolicyResourceCompliance\n after a successful run. Absence or failure to\n read this file will result in this ExecResource\n being non-compliant. Output file size is limited\n to 100K bytes.\n script:\n type: string\n x-dcl-go-name: Script\n description: An inline script. The size of the\n script is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFile\n description: File resource\n x-dcl-conflicts:\n - pkg\n - repository\n - exec\n required:\n - path\n - state\n properties:\n content:\n type: string\n x-dcl-go-name: Content\n description: A a file with this content. The size\n of the content is limited to 1024 characters.\n x-dcl-conflicts:\n - file\n file:\n type: object\n x-dcl-go-name: File\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFile\n description: A remote or local source.\n x-dcl-conflicts:\n - content\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false, files\n are subject to validations based on the file\n type: Remote: A checksum must be specified.\n Cloud Storage: An object generation number must\n be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the Cloud\n Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud Storage\n object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileFileRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which to fetch\n the object. It should contain both the protocol\n and path following the format `{protocol}://{location}`.\n path:\n type: string\n x-dcl-go-name: Path\n description: Required. The absolute path of the file\n within the VM.\n permissions:\n type: string\n x-dcl-go-name: Permissions\n readOnly: true\n description: 'Consists of three octal digits which\n represent, in order, the permissions of the owner,\n group, and other users for the file (similarly to\n the numeric mode used in the linux chmod utility).\n Each digit represents a three bit number with the\n 4 bit corresponding to the read permissions, the\n 2 bit corresponds to the write bit, and the one\n bit corresponds to the execute permission. Default\n behavior is 755. Below are some examples of permissions\n and their associated values: read, write, and execute:\n 7 read and execute: 5 read and write: 6 read only:\n 4'\n state:\n type: string\n x-dcl-go-name: State\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesFileStateEnum\n description: 'Required. Desired state of the file.\n Possible values: OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED,\n COMPLIANT, NON_COMPLIANT, UNKNOWN, NO_OS_POLICIES_APPLICABLE'\n enum:\n - OS_POLICY_COMPLIANCE_STATE_UNSPECIFIED\n - COMPLIANT\n - NON_COMPLIANT\n - UNKNOWN\n - NO_OS_POLICIES_APPLICABLE\n id:\n type: string\n x-dcl-go-name: Id\n description: 'Required. The id of the resource with the\n following restrictions: * Must contain only lowercase\n letters, numbers, and hyphens. * Must start with a letter.\n * Must be between 1-63 characters. * Must end with a\n number or a letter. * Must be unique within the OS policy.'\n pkg:\n type: object\n x-dcl-go-name: Pkg\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkg\n description: Package resource\n x-dcl-conflicts:\n - repository\n - exec\n - file\n required:\n - desiredState\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgApt\n description: A package managed by Apt.\n x-dcl-conflicts:\n - deb\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n deb:\n type: object\n x-dcl-go-name: Deb\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDeb\n description: A deb package file.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n - rpm\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `dpkg -i\n package` - install when true: `apt-get update\n && apt-get -y install package.deb`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSource\n description: Required. A deb package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDebSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n desiredState:\n type: string\n x-dcl-go-name: DesiredState\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgDesiredStateEnum\n description: 'Required. The desired state the agent\n should maintain for this package. Possible values:\n DESIRED_STATE_UNSPECIFIED, INSTALLED, REMOVED'\n enum:\n - DESIRED_STATE_UNSPECIFIED\n - INSTALLED\n - REMOVED\n googet:\n type: object\n x-dcl-go-name: Googet\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgGooget\n description: A package managed by GooGet.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n msi:\n type: object\n x-dcl-go-name: Msi\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsi\n description: An MSI package.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - rpm\n - googet\n required:\n - source\n properties:\n properties:\n type: array\n x-dcl-go-name: Properties\n description: Additional properties to use during\n installation. This should be in the format of\n Property=Setting. Appended to the defaults of\n `ACTION=INSTALL REBOOT=ReallySuppress`.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSource\n description: Required. The MSI package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgMsiSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n rpm:\n type: object\n x-dcl-go-name: Rpm\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpm\n description: An rpm package file.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - zypper\n - googet\n - msi\n required:\n - source\n properties:\n pullDeps:\n type: boolean\n x-dcl-go-name: PullDeps\n description: 'Whether dependencies should also\n be installed. - install when false: `rpm --upgrade\n --replacepkgs package.rpm` - install when true:\n `yum -y install package.rpm` or `zypper -y install\n package.rpm`'\n source:\n type: object\n x-dcl-go-name: Source\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSource\n description: Required. An rpm package.\n properties:\n allowInsecure:\n type: boolean\n x-dcl-go-name: AllowInsecure\n description: 'Defaults to false. When false,\n files are subject to validations based on\n the file type: Remote: A checksum must be\n specified. Cloud Storage: An object generation\n number must be specified.'\n gcs:\n type: object\n x-dcl-go-name: Gcs\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceGcs\n description: A Cloud Storage object.\n x-dcl-conflicts:\n - remote\n - localPath\n required:\n - bucket\n - object\n properties:\n bucket:\n type: string\n x-dcl-go-name: Bucket\n description: Required. Bucket of the Cloud\n Storage object.\n generation:\n type: integer\n format: int64\n x-dcl-go-name: Generation\n description: Generation number of the\n Cloud Storage object.\n object:\n type: string\n x-dcl-go-name: Object\n description: Required. Name of the Cloud\n Storage object.\n localPath:\n type: string\n x-dcl-go-name: LocalPath\n description: A local path within the VM to\n use.\n x-dcl-conflicts:\n - remote\n - gcs\n remote:\n type: object\n x-dcl-go-name: Remote\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgRpmSourceRemote\n description: A generic remote file.\n x-dcl-conflicts:\n - gcs\n - localPath\n required:\n - uri\n properties:\n sha256Checksum:\n type: string\n x-dcl-go-name: Sha256Checksum\n description: SHA256 checksum of the remote\n file.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI from which\n to fetch the object. It should contain\n both the protocol and path following\n the format `{protocol}://{location}`.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgYum\n description: A package managed by YUM.\n x-dcl-conflicts:\n - apt\n - deb\n - zypper\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesPkgZypper\n description: A package managed by Zypper.\n x-dcl-conflicts:\n - apt\n - deb\n - yum\n - rpm\n - googet\n - msi\n required:\n - name\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. Package name.\n repository:\n type: object\n x-dcl-go-name: Repository\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepository\n description: Package repository resource\n x-dcl-conflicts:\n - pkg\n - exec\n - file\n properties:\n apt:\n type: object\n x-dcl-go-name: Apt\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryApt\n description: An Apt Repository.\n x-dcl-conflicts:\n - yum\n - zypper\n - goo\n required:\n - archiveType\n - uri\n - distribution\n - components\n properties:\n archiveType:\n type: string\n x-dcl-go-name: ArchiveType\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryAptArchiveTypeEnum\n description: 'Required. Type of archive files\n in this repository. Possible values: ARCHIVE_TYPE_UNSPECIFIED,\n DEB, DEB_SRC'\n enum:\n - ARCHIVE_TYPE_UNSPECIFIED\n - DEB\n - DEB_SRC\n components:\n type: array\n x-dcl-go-name: Components\n description: Required. List of components for\n this repository. Must contain at least one item.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n distribution:\n type: string\n x-dcl-go-name: Distribution\n description: Required. Distribution of this repository.\n gpgKey:\n type: string\n x-dcl-go-name: GpgKey\n description: URI of the key file for this repository.\n The agent maintains a keyring at `/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg`.\n uri:\n type: string\n x-dcl-go-name: Uri\n description: Required. URI for this repository.\n goo:\n type: object\n x-dcl-go-name: Goo\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryGoo\n description: A Goo Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - zypper\n required:\n - name\n - url\n properties:\n name:\n type: string\n x-dcl-go-name: Name\n description: Required. The name of the repository.\n url:\n type: string\n x-dcl-go-name: Url\n description: Required. The url of the repository.\n yum:\n type: object\n x-dcl-go-name: Yum\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryYum\n description: A Yum Repository.\n x-dcl-conflicts:\n - apt\n - zypper\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the yum config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for resource conflicts.\n zypper:\n type: object\n x-dcl-go-name: Zypper\n x-dcl-go-type: OSPolicyAssignmentOSPoliciesResourceGroupsResourcesRepositoryZypper\n description: A Zypper Repository.\n x-dcl-conflicts:\n - apt\n - yum\n - goo\n required:\n - id\n - baseUrl\n properties:\n baseUrl:\n type: string\n x-dcl-go-name: BaseUrl\n description: Required. The location of the repository\n directory.\n displayName:\n type: string\n x-dcl-go-name: DisplayName\n description: The display name of the repository.\n gpgKeys:\n type: array\n x-dcl-go-name: GpgKeys\n description: URIs of GPG keys.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n id:\n type: string\n x-dcl-go-name: Id\n description: Required. A one word, unique name\n for this repository. This is the `repo id` in\n the zypper config file and also the `display_name`\n if `display_name` is omitted. This id is also\n used as the unique identifier when checking\n for GuestPolicy conflicts.\n project:\n type: string\n x-dcl-go-name: Project\n description: The project for the resource\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n reconciling:\n type: boolean\n x-dcl-go-name: Reconciling\n readOnly: true\n description: 'Output only. Indicates that reconciliation is in progress\n for the revision. This value is `true` when the `rollout_state` is one\n of: * IN_PROGRESS * CANCELLING'\n x-kubernetes-immutable: true\n revisionCreateTime:\n type: string\n format: date-time\n x-dcl-go-name: RevisionCreateTime\n readOnly: true\n description: Output only. The timestamp that the revision was created.\n x-kubernetes-immutable: true\n revisionId:\n type: string\n x-dcl-go-name: RevisionId\n readOnly: true\n description: Output only. The assignment revision ID A new revision is committed\n whenever a rollout is triggered for a OS policy assignment\n x-kubernetes-immutable: true\n rollout:\n type: object\n x-dcl-go-name: Rollout\n x-dcl-go-type: OSPolicyAssignmentRollout\n description: 'Required. Rollout to deploy the OS policy assignment. A rollout\n is triggered in the following situations: 1) OSPolicyAssignment is created.\n 2) OSPolicyAssignment is updated and the update contains changes to one\n of the following fields: - instance_filter - os_policies 3) OSPolicyAssignment\n is deleted.'\n required:\n - disruptionBudget\n - minWaitDuration\n properties:\n disruptionBudget:\n type: object\n x-dcl-go-name: DisruptionBudget\n x-dcl-go-type: OSPolicyAssignmentRolloutDisruptionBudget\n description: Required. The maximum number (or percentage) of VMs per\n zone to disrupt at any given moment.\n properties:\n fixed:\n type: integer\n format: int64\n x-dcl-go-name: Fixed\n description: Specifies a fixed value.\n x-dcl-conflicts:\n - percent\n percent:\n type: integer\n format: int64\n x-dcl-go-name: Percent\n description: Specifies the relative value defined as a percentage,\n which will be multiplied by a reference value.\n x-dcl-conflicts:\n - fixed\n minWaitDuration:\n type: string\n x-dcl-go-name: MinWaitDuration\n description: Required. This determines the minimum duration of time\n to wait after the configuration changes are applied through the current\n rollout. A VM continues to count towards the `disruption_budget` at\n least until this duration of time has passed after configuration changes\n are applied.\n rolloutState:\n type: string\n x-dcl-go-name: RolloutState\n x-dcl-go-type: OSPolicyAssignmentRolloutStateEnum\n readOnly: true\n description: 'Output only. OS policy assignment rollout state Possible values:\n ROLLOUT_STATE_UNSPECIFIED, IN_PROGRESS, CANCELLING, CANCELLED, SUCCEEDED'\n x-kubernetes-immutable: true\n enum:\n - ROLLOUT_STATE_UNSPECIFIED\n - IN_PROGRESS\n - CANCELLING\n - CANCELLED\n - SUCCEEDED\n skipAwaitRollout:\n type: boolean\n x-dcl-go-name: SkipAwaitRollout\n description: Set to true to skip awaiting rollout during resource creation\n and update.\n x-dcl-mutable-unreadable: true\n uid:\n type: string\n x-dcl-go-name: Uid\n readOnly: true\n description: Output only. Server generated unique id for the OS policy assignment\n resource.\n x-kubernetes-immutable: true\n") -// 73077 bytes -// MD5: 2e21685d807af0ec126ba8fd39ba7684 +// 73353 bytes +// MD5: fb683ef5ed536f19f669a17a052fb49d diff --git a/services/google/osconfig/osconfig_ga_utils.go b/services/google/osconfig/osconfig_ga_utils.go index e24b091bd8..f96436ee46 100755 --- a/services/google/osconfig/osconfig_ga_utils.go +++ b/services/google/osconfig/osconfig_ga_utils.go @@ -15,10 +15,12 @@ package osconfig import ( + "bytes" "context" "time" "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl" + "github.com/GoogleCloudPlatform/declarative-resource-client-library/dcl/operations" ) // Returns true if m and n represent the same floating point value of seconds. @@ -55,3 +57,141 @@ func (r *OSPolicyAssignment) waitForNotReconciling(ctx context.Context, client * return nil, nil }, client.Config.RetryProvider) } + +func (op *createOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + c.Config.Logger.InfoWithContextf(ctx, "Attempting to create %v", r) + u, err := r.createURL(c.Config.BasePath) + if err != nil { + return err + } + + req, err := r.marshal(c) + if err != nil { + return err + } + resp, err := dcl.SendRequest(ctx, c.Config, "POST", u, bytes.NewBuffer(req), c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + // wait for object to be created. + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { + c.Config.Logger.Warningf("Creation failed after waiting for operation: %v", err) + return err + } + c.Config.Logger.InfoWithContextf(ctx, "Successfully waited for operation") + op.response, _ = o.FirstResponse() + } + + if _, err := c.GetOSPolicyAssignment(ctx, r); err != nil { + c.Config.Logger.WarningWithContextf(ctx, "get returned error: %v", err) + return err + } + + return nil +} + +func (op *updateOSPolicyAssignmentUpdateOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + _, err := c.GetOSPolicyAssignment(ctx, r) + if err != nil { + return err + } + + u, err := r.updateURL(c.Config.BasePath, "UpdateOSPolicyAssignment") + if err != nil { + return err + } + mask := dcl.TopLevelUpdateMask(op.FieldDiffs) + u, err = dcl.AddQueryParams(u, map[string]string{"updateMask": mask}) + if err != nil { + return err + } + + req, err := newUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(ctx, r, c) + if err != nil { + return err + } + + c.Config.Logger.InfoWithContextf(ctx, "Created update: %#v", req) + body, err := marshalUpdateOSPolicyAssignmentUpdateOSPolicyAssignmentRequest(c, req) + if err != nil { + return err + } + resp, err := dcl.SendRequest(ctx, c.Config, "PATCH", u, bytes.NewBuffer(body), c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + err = o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET") + + if err != nil { + return err + } + } + + return nil +} + +func (op *deleteOSPolicyAssignmentOperation) do(ctx context.Context, r *OSPolicyAssignment, c *Client) error { + r, err := c.GetOSPolicyAssignment(ctx, r) + if err != nil { + if dcl.IsNotFound(err) { + c.Config.Logger.InfoWithContextf(ctx, "OSPolicyAssignment not found, returning. Original error: %v", err) + return nil + } + c.Config.Logger.WarningWithContextf(ctx, "GetOSPolicyAssignment checking for existence. error: %v", err) + return err + } + err = r.waitForNotReconciling(ctx, c) + if err != nil { + return err + } + u, err := r.deleteURL(c.Config.BasePath) + if err != nil { + return err + } + + // Delete should never have a body + body := &bytes.Buffer{} + resp, err := dcl.SendRequest(ctx, c.Config, "DELETE", u, body, c.Config.RetryProvider) + if err != nil { + return err + } + + if !dcl.ValueOrEmptyBool(r.SkipAwaitRollout) { + // wait for object to be deleted. + var o operations.StandardGCPOperation + if err := dcl.ParseResponse(resp.Response, &o); err != nil { + return err + } + if err := o.Wait(context.WithValue(ctx, dcl.DoNotLogRequestsKey, true), c.Config, r.basePath(), "GET"); err != nil { + return err + } + } + + // We saw a race condition where for some successful delete operation, the Get calls returned resources for a short duration. + // This is the reason we are adding retry to handle that case. + retriesRemaining := 10 + dcl.Do(ctx, func(ctx context.Context) (*dcl.RetryDetails, error) { + _, err := c.GetOSPolicyAssignment(ctx, r) + if dcl.IsNotFound(err) { + return nil, nil + } + if retriesRemaining > 0 { + retriesRemaining-- + return &dcl.RetryDetails{}, dcl.OperationNotDone{} + } + return nil, dcl.NotDeletedError{ExistingResource: r} + }, c.Config.RetryProvider) + return nil +} diff --git a/services/google/osconfig/samples/basic.os_policy_assignment.json b/services/google/osconfig/samples/basic.os_policy_assignment.json new file mode 100755 index 0000000000..6cf77aa1c8 --- /dev/null +++ b/services/google/osconfig/samples/basic.os_policy_assignment.json @@ -0,0 +1,43 @@ +{ + "name": "{{assignment}}", + "project": "{{project}}", + "location": "{{zone}}", + "description": "A test os policy assignment", + "osPolicies": [ + { + "id": "policy", + "mode": "VALIDATION", + "resourceGroups": [ + { + "resources": [ + { + "id": "apt-to-yum", + "repository": { + "apt": { + "archiveType": "DEB", + "uri": "https://atl.mirrors.clouvider.net/debian", + "distribution": "debian", + "components": ["doc"], + "gpgKey": ".gnupg/pubring.kbx" + } + } + } + ] + } + ] + } + ], + "instanceFilter": { + "all": true, + "inclusionLabels": [], + "exclusionLabels": [], + "inventories": [] + }, + "rollout": { + "disruptionBudget": { + "percent": 1 + }, + "minWaitDuration": "3.5s" + }, + "skipAwaitRollout": true +} diff --git a/services/google/osconfig/samples/basic_os_policy_assignment.yaml b/services/google/osconfig/samples/basic_os_policy_assignment.yaml new file mode 100755 index 0000000000..ccf1affe2d --- /dev/null +++ b/services/google/osconfig/samples/basic_os_policy_assignment.yaml @@ -0,0 +1,29 @@ +# Copyright 2022 Google LLC. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: basic_os_policy_assignment +description: An example of an osconfig os policy assignment that does not await the + operation completion +type: os_policy_assignment +versions: +- ga +- beta +- alpha +resource: samples/basic.os_policy_assignment.json +variables: +- name: assignment + type: resource_name +- name: project + type: project +- name: zone + type: zone diff --git a/unstructured/google/osconfig/alpha/os_policy_assignment.go b/unstructured/google/osconfig/alpha/os_policy_assignment.go index 687c25ede5..acbd710ccb 100755 --- a/unstructured/google/osconfig/alpha/os_policy_assignment.go +++ b/unstructured/google/osconfig/alpha/os_policy_assignment.go @@ -555,6 +555,9 @@ func OSPolicyAssignmentToUnstructured(r *dclService.OSPolicyAssignment) *unstruc if r.RolloutState != nil { u.Object["rolloutState"] = string(*r.RolloutState) } + if r.SkipAwaitRollout != nil { + u.Object["skipAwaitRollout"] = *r.SkipAwaitRollout + } if r.Uid != nil { u.Object["uid"] = *r.Uid } @@ -1670,6 +1673,13 @@ func UnstructuredToOSPolicyAssignment(u *unstructured.Resource) (*dclService.OSP return nil, fmt.Errorf("r.RolloutState: expected string") } } + if _, ok := u.Object["skipAwaitRollout"]; ok { + if b, ok := u.Object["skipAwaitRollout"].(bool); ok { + r.SkipAwaitRollout = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.SkipAwaitRollout: expected bool") + } + } if _, ok := u.Object["uid"]; ok { if s, ok := u.Object["uid"].(string); ok { r.Uid = dcl.String(s) diff --git a/unstructured/google/osconfig/beta/os_policy_assignment.go b/unstructured/google/osconfig/beta/os_policy_assignment.go index 86cdca3576..d3b3814466 100755 --- a/unstructured/google/osconfig/beta/os_policy_assignment.go +++ b/unstructured/google/osconfig/beta/os_policy_assignment.go @@ -555,6 +555,9 @@ func OSPolicyAssignmentToUnstructured(r *dclService.OSPolicyAssignment) *unstruc if r.RolloutState != nil { u.Object["rolloutState"] = string(*r.RolloutState) } + if r.SkipAwaitRollout != nil { + u.Object["skipAwaitRollout"] = *r.SkipAwaitRollout + } if r.Uid != nil { u.Object["uid"] = *r.Uid } @@ -1670,6 +1673,13 @@ func UnstructuredToOSPolicyAssignment(u *unstructured.Resource) (*dclService.OSP return nil, fmt.Errorf("r.RolloutState: expected string") } } + if _, ok := u.Object["skipAwaitRollout"]; ok { + if b, ok := u.Object["skipAwaitRollout"].(bool); ok { + r.SkipAwaitRollout = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.SkipAwaitRollout: expected bool") + } + } if _, ok := u.Object["uid"]; ok { if s, ok := u.Object["uid"].(string); ok { r.Uid = dcl.String(s) diff --git a/unstructured/google/osconfig/os_policy_assignment.go b/unstructured/google/osconfig/os_policy_assignment.go index 44ce5dda12..8a516ef511 100755 --- a/unstructured/google/osconfig/os_policy_assignment.go +++ b/unstructured/google/osconfig/os_policy_assignment.go @@ -555,6 +555,9 @@ func OSPolicyAssignmentToUnstructured(r *dclService.OSPolicyAssignment) *unstruc if r.RolloutState != nil { u.Object["rolloutState"] = string(*r.RolloutState) } + if r.SkipAwaitRollout != nil { + u.Object["skipAwaitRollout"] = *r.SkipAwaitRollout + } if r.Uid != nil { u.Object["uid"] = *r.Uid } @@ -1670,6 +1673,13 @@ func UnstructuredToOSPolicyAssignment(u *unstructured.Resource) (*dclService.OSP return nil, fmt.Errorf("r.RolloutState: expected string") } } + if _, ok := u.Object["skipAwaitRollout"]; ok { + if b, ok := u.Object["skipAwaitRollout"].(bool); ok { + r.SkipAwaitRollout = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.SkipAwaitRollout: expected bool") + } + } if _, ok := u.Object["uid"]; ok { if s, ok := u.Object["uid"].(string); ok { r.Uid = dcl.String(s)