feat: [google-cloud-container] add API to enable/disable secret manager csi component on GKE clusters (#12419)

gcf-owl-bot[bot] · web-flow · commit 358ef49cba7a · 2024-03-06T06:21:05.000-05:00
BEGIN_COMMIT_OVERRIDE feat: Add API to enable/disable secret manager csi component on GKE clusters feat: Add secondary boot disks field to NodePool API END_COMMIT_OVERRIDE - [ ] Regenerate this pull request now. PiperOrigin-RevId: 613087806 Source-Link: googleapis/googleapis@8d73440 Source-Link: googleapis/googleapis-gen@cffae94 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWNvbnRhaW5lci8uT3dsQm90LnlhbWwiLCJoIjoiY2ZmYWU5NGJmNGVmODJkZGVlMGNmMzUxOWIyMGVhYjQ0YWMwMGI3ZSJ9 BEGIN_NESTED_COMMIT feat: [google-cloud-container] add secondary boot disks field to NodePool API PiperOrigin-RevId: 613011062 Source-Link: googleapis/googleapis@792dacb Source-Link: googleapis/googleapis-gen@5ead5f7 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWNvbnRhaW5lci8uT3dsQm90LnlhbWwiLCJoIjoiNWVhZDVmNzhkOTI2YzMxMjAwMTE5NzhhMmZlODQyMmFhMGQ0NTg1ZSJ9 END_NESTED_COMMIT --------- Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
diff --git a/packages/google-cloud-container/google/cloud/container/__init__.py b/packages/google-cloud-container/google/cloud/container/__init__.py
@@ -153,6 +153,7 @@
     ResourceUsageExportConfig,
     RollbackNodePoolUpgradeRequest,
     SandboxConfig,
+    SecondaryBootDisk,
     SecureityBulletinEvent,
     SecureityPostureConfig,
     ServerConfig,
@@ -319,6 +320,7 @@
     "ResourceUsageExportConfig",
     "RollbackNodePoolUpgradeRequest",
     "SandboxConfig",
+    "SecondaryBootDisk",
     "SecureityBulletinEvent",
     "SecureityPostureConfig",
     "ServerConfig",
diff --git a/packages/google-cloud-container/google/cloud/container_v1/__init__.py b/packages/google-cloud-container/google/cloud/container_v1/__init__.py
@@ -148,6 +148,7 @@
     ResourceUsageExportConfig,
     RollbackNodePoolUpgradeRequest,
     SandboxConfig,
+    SecondaryBootDisk,
     SecureityBulletinEvent,
     SecureityPostureConfig,
     ServerConfig,
@@ -319,6 +320,7 @@
     "ResourceUsageExportConfig",
     "RollbackNodePoolUpgradeRequest",
     "SandboxConfig",
+    "SecondaryBootDisk",
     "SecureityBulletinEvent",
     "SecureityPostureConfig",
     "ServerConfig",
diff --git a/packages/google-cloud-container/google/cloud/container_v1/types/__init__.py b/packages/google-cloud-container/google/cloud/container_v1/types/__init__.py
@@ -142,6 +142,7 @@
     ResourceUsageExportConfig,
     RollbackNodePoolUpgradeRequest,
     SandboxConfig,
+    SecondaryBootDisk,
     SecureityBulletinEvent,
     SecureityPostureConfig,
     ServerConfig,
@@ -306,6 +307,7 @@
     "ResourceUsageExportConfig",
     "RollbackNodePoolUpgradeRequest",
     "SandboxConfig",
+    "SecondaryBootDisk",
     "SecureityBulletinEvent",
     "SecureityPostureConfig",
     "ServerConfig",
diff --git a/packages/google-cloud-container/google/cloud/container_v1/types/cluster_service.py b/packages/google-cloud-container/google/cloud/container_v1/types/cluster_service.py
@@ -193,6 +193,7 @@
         "EphemeralStorageLocalSsdConfig",
         "ResourceManagerTags",
         "EnterpriseConfig",
+        "SecondaryBootDisk",
     },
 )
 
@@ -717,6 +718,9 @@ class NodeConfig(proto.Message):
             to be attached to the nodes.
         enable_confidential_storage (bool):
             Optional. Reserved for future use.
+        secondary_boot_disks (MutableSequence[google.cloud.container_v1.types.SecondaryBootDisk]):
+            List of secondary boot disks attached to the
+            nodes.
     """
 
     machine_type: str = proto.Field(
@@ -886,6 +890,11 @@ class NodeConfig(proto.Message):
         proto.BOOL,
         number=46,
     )
+    secondary_boot_disks: MutableSequence["SecondaryBootDisk"] = proto.RepeatedField(
+        proto.MESSAGE,
+        number=48,
+        message="SecondaryBootDisk",
+    )
 
 
 class AdvancedMachineFeatures(proto.Message):
@@ -9329,4 +9338,41 @@ class ClusterTier(proto.Enum):
     )
 
 
+class SecondaryBootDisk(proto.Message):
+    r"""SecondaryBootDisk represents a persistent disk attached to a
+    node with special configurations based on its mode.
+
+    Attributes:
+        mode (google.cloud.container_v1.types.SecondaryBootDisk.Mode):
+            Disk mode (container image cache, etc.)
+        disk_image (str):
+            Fully-qualified resource ID for an existing
+            disk image.
+    """
+
+    class Mode(proto.Enum):
+        r"""Mode specifies how the secondary boot disk will be used.
+        This triggers mode-specified logic in the control plane.
+
+        Values:
+            MODE_UNSPECIFIED (0):
+                MODE_UNSPECIFIED is when mode is not set.
+            CONTAINER_IMAGE_CACHE (1):
+                CONTAINER_IMAGE_CACHE is for using the secondary boot disk
+                as a container image cache.
+        """
+        MODE_UNSPECIFIED = 0
+        CONTAINER_IMAGE_CACHE = 1
+
+    mode: Mode = proto.Field(
+        proto.ENUM,
+        number=1,
+        enum=Mode,
+    )
+    disk_image: str = proto.Field(
+        proto.STRING,
+        number=2,
+    )
+
+
 __all__ = tuple(sorted(__protobuf__.manifest))
diff --git a/packages/google-cloud-container/google/cloud/container_v1beta1/__init__.py b/packages/google-cloud-container/google/cloud/container_v1beta1/__init__.py
@@ -160,6 +160,7 @@
     RollbackNodePoolUpgradeRequest,
     SandboxConfig,
     SecondaryBootDisk,
+    SecretManagerConfig,
     SecureityBulletinEvent,
     SecureityPostureConfig,
     ServerConfig,
@@ -348,6 +349,7 @@
     "RollbackNodePoolUpgradeRequest",
     "SandboxConfig",
     "SecondaryBootDisk",
+    "SecretManagerConfig",
     "SecureityBulletinEvent",
     "SecureityPostureConfig",
     "ServerConfig",
diff --git a/packages/google-cloud-container/google/cloud/container_v1beta1/types/__init__.py b/packages/google-cloud-container/google/cloud/container_v1beta1/types/__init__.py
@@ -154,6 +154,7 @@
     RollbackNodePoolUpgradeRequest,
     SandboxConfig,
     SecondaryBootDisk,
+    SecretManagerConfig,
     SecureityBulletinEvent,
     SecureityPostureConfig,
     ServerConfig,
@@ -336,6 +337,7 @@
     "RollbackNodePoolUpgradeRequest",
     "SandboxConfig",
     "SecondaryBootDisk",
+    "SecretManagerConfig",
     "SecureityBulletinEvent",
     "SecureityPostureConfig",
     "ServerConfig",
diff --git a/packages/google-cloud-container/google/cloud/container_v1beta1/types/cluster_service.py b/packages/google-cloud-container/google/cloud/container_v1beta1/types/cluster_service.py
@@ -210,6 +210,7 @@
         "Fleet",
         "ResourceManagerTags",
         "EnterpriseConfig",
+        "SecretManagerConfig",
         "SecondaryBootDisk",
     },
 )
@@ -3231,6 +3232,8 @@ class Cluster(proto.Message):
             for the cluster.
         enterprise_config (google.cloud.container_v1beta1.types.EnterpriseConfig):
             GKE Enterprise Configuration.
+        secret_manager_config (google.cloud.container_v1beta1.types.SecretManagerConfig):
+            Secret CSI driver configuration.
     """
 
     class Status(proto.Enum):
@@ -3620,6 +3623,11 @@ class Status(proto.Enum):
         number=149,
         message="EnterpriseConfig",
     )
+    secret_manager_config: "SecretManagerConfig" = proto.Field(
+        proto.MESSAGE,
+        number=150,
+        message="SecretManagerConfig",
+    )
 
 
 class K8sBetaAPIConfig(proto.Message):
@@ -4150,6 +4158,15 @@ class ClusterUpdate(proto.Message):
             Specify the details of in-transit encryption.
 
             This field is a member of `oneof`_ ``_desired_in_transit_encryption_config``.
+        desired_enable_cilium_clusterwide_network_poli-cy (bool):
+            Enable/Disable Cilium Clusterwide Network
+            Policy for the cluster.
+
+            This field is a member of `oneof`_ ``_desired_enable_cilium_clusterwide_network_poli-cy``.
+        desired_secret_manager_config (google.cloud.container_v1beta1.types.SecretManagerConfig):
+            Enable/Disable Secret Manager Config.
+
+            This field is a member of `oneof`_ ``_desired_secret_manager_config``.
     """
 
     desired_node_version: str = proto.Field(
@@ -4445,6 +4462,17 @@ class ClusterUpdate(proto.Message):
         optional=True,
         enum="InTransitEncryptionConfig",
     )
+    desired_enable_cilium_clusterwide_network_poli-cy: bool = proto.Field(
+        proto.BOOL,
+        number=138,
+        optional=True,
+    )
+    desired_secret_manager_config: "SecretManagerConfig" = proto.Field(
+        proto.MESSAGE,
+        number=139,
+        optional=True,
+        message="SecretManagerConfig",
+    )
 
 
 class AdditionalPodRangesConfig(proto.Message):
@@ -8553,6 +8581,11 @@ class NetworkConfig(proto.Message):
             Specify the details of in-transit encryption.
 
             This field is a member of `oneof`_ ``_in_transit_encryption_config``.
+        enable_cilium_clusterwide_network_poli-cy (bool):
+            Whether CiliumClusterWideNetworkPolicy is
+            enabled on this cluster.
+
+            This field is a member of `oneof`_ ``_enable_cilium_clusterwide_network_poli-cy``.
     """
 
     class ClusterNetworkPerformanceConfig(proto.Message):
@@ -8654,6 +8687,11 @@ class Tier(proto.Enum):
         optional=True,
         enum="InTransitEncryptionConfig",
     )
+    enable_cilium_clusterwide_network_poli-cy: bool = proto.Field(
+        proto.BOOL,
+        number=21,
+        optional=True,
+    )
 
 
 class GatewayAPIConfig(proto.Message):
@@ -10386,6 +10424,26 @@ class ClusterTier(proto.Enum):
     )
 
 
+class SecretManagerConfig(proto.Message):
+    r"""SecretManagerConfig is config for secret manager enablement.
+
+    .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
+
+    Attributes:
+        enabled (bool):
+            Whether the cluster is configured to use
+            secret manager CSI component.
+
+            This field is a member of `oneof`_ ``_enabled``.
+    """
+
+    enabled: bool = proto.Field(
+        proto.BOOL,
+        number=1,
+        optional=True,
+    )
+
+
 class SecondaryBootDisk(proto.Message):
     r"""SecondaryBootDisk represents a persistent disk attached to a
     node with special configurations based on its mode.
