apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cnrm.cloud.google.com/version: 0.0.0-dev creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: osconfigpatchdeployments.osconfig.cnrm.cloud.google.com spec: group: osconfig.cnrm.cloud.google.com names: categories: - gcp kind: OSConfigPatchDeployment plural: osconfigpatchdeployments shortNames: - gcposconfigpatchdeployment - gcposconfigpatchdeployments singular: osconfigpatchdeployment preserveUnknownFields: false scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age type: date - description: When 'True', the most recent reconcile of the resource succeeded jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready type: string - description: The reason for the value in 'Ready' jsonPath: .status.conditions[?(@.type=='Ready')].reason name: Status type: string - description: The last transition time for the value in 'Status' jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: description: 'apiVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' type: string kind: description: 'kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: description: description: Immutable. Description of the patch deployment. Length of the description is limited to 1024 characters. type: string duration: description: |- Immutable. Duration of the patch. After the duration ends, the patch times out. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". type: string instanceFilter: description: Immutable. VM instances to patch. properties: all: description: Immutable. Target all VM instances in the project. If true, no other criteria is permitted. type: boolean groupLabels: description: Immutable. Targets VM instances matching ANY of these GroupLabels. This allows targeting of disparate groups of VM instances. items: properties: labels: additionalProperties: type: string description: Immutable. Compute Engine instance labels that must be present for a VM instance to be targeted by this filter. type: object required: - labels type: object type: array instanceNamePrefixes: description: |- Immutable. Targets VMs whose name starts with one of these prefixes. Similar to labels, this is another way to group VMs when targeting configs, for example prefix="prod-". items: type: string type: array instances: description: |- Immutable. Targets any of the VM instances specified. Instances are specified by their URI in the 'form zones/{{zone}}/instances/{{instance_name}}', 'projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}}', or 'https://www.googleapis.com/compute/v1/projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}}'. items: type: string type: array zones: description: Immutable. Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. items: type: string type: array type: object oneTimeSchedule: description: Immutable. Schedule a one-time execution. properties: executeTime: description: |- Immutable. The desired patch job execution time. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string required: - executeTime type: object patchConfig: description: Immutable. Patch configuration that is applied. properties: apt: description: Immutable. Apt update settings. Use this setting to override the default apt patch rules. properties: excludes: description: Immutable. List of packages to exclude from update. These packages will be excluded. items: type: string type: array exclusivePackages: description: |- Immutable. An exclusive list of packages to be updated. These are the only packages that will be updated. If these packages are not installed, they will be ignored. This field cannot be specified with any other patch configuration fields. items: type: string type: array type: description: 'Immutable. By changing the type to DIST, the patching is performed using apt-get dist-upgrade instead. Possible values: ["DIST", "UPGRADE"].' type: string type: object goo: description: Immutable. goo update settings. Use this setting to override the default goo patch rules. properties: enabled: description: Immutable. goo update settings. Use this setting to override the default goo patch rules. type: boolean required: - enabled type: object migInstancesAllowed: description: Immutable. Allows the patch job to run on Managed instance groups (MIGs). type: boolean postStep: description: Immutable. The ExecStep to run after the patch update. properties: linuxExecStepConfig: description: Immutable. The ExecStepConfig for all Linux VMs targeted by the PatchJob. properties: allowedSuccessCodes: description: Immutable. Defaults to [0]. A list of possible return values that the execution can return to indicate a success. items: type: integer type: array gcsObject: description: Immutable. A Cloud Storage object containing the executable. properties: bucket: description: Immutable. Bucket of the Cloud Storage object. type: string generationNumber: description: Immutable. Generation number of the Cloud Storage object. This is used to ensure that the ExecStep specified by this PatchJob does not change. type: string object: description: Immutable. Name of the Cloud Storage object. type: string required: - bucket - generationNumber - object type: object interpreter: description: |- Immutable. The script interpreter to use to run the script. If no interpreter is specified the script will be executed directly, which will likely only succeed for scripts with shebang lines. Possible values: ["SHELL", "POWERSHELL"]. type: string localPath: description: Immutable. An absolute path to the executable on the VM. type: string type: object windowsExecStepConfig: description: Immutable. The ExecStepConfig for all Windows VMs targeted by the PatchJob. properties: allowedSuccessCodes: description: Immutable. Defaults to [0]. A list of possible return values that the execution can return to indicate a success. items: type: integer type: array gcsObject: description: Immutable. A Cloud Storage object containing the executable. properties: bucket: description: Immutable. Bucket of the Cloud Storage object. type: string generationNumber: description: Immutable. Generation number of the Cloud Storage object. This is used to ensure that the ExecStep specified by this PatchJob does not change. type: string object: description: Immutable. Name of the Cloud Storage object. type: string required: - bucket - generationNumber - object type: object interpreter: description: |- Immutable. The script interpreter to use to run the script. If no interpreter is specified the script will be executed directly, which will likely only succeed for scripts with shebang lines. Possible values: ["SHELL", "POWERSHELL"]. type: string localPath: description: Immutable. An absolute path to the executable on the VM. type: string type: object type: object preStep: description: Immutable. The ExecStep to run before the patch update. properties: linuxExecStepConfig: description: Immutable. The ExecStepConfig for all Linux VMs targeted by the PatchJob. properties: allowedSuccessCodes: description: Immutable. Defaults to [0]. A list of possible return values that the execution can return to indicate a success. items: type: integer type: array gcsObject: description: Immutable. A Cloud Storage object containing the executable. properties: bucket: description: Immutable. Bucket of the Cloud Storage object. type: string generationNumber: description: Immutable. Generation number of the Cloud Storage object. This is used to ensure that the ExecStep specified by this PatchJob does not change. type: string object: description: Immutable. Name of the Cloud Storage object. type: string required: - bucket - generationNumber - object type: object interpreter: description: |- Immutable. The script interpreter to use to run the script. If no interpreter is specified the script will be executed directly, which will likely only succeed for scripts with shebang lines. Possible values: ["SHELL", "POWERSHELL"]. type: string localPath: description: Immutable. An absolute path to the executable on the VM. type: string type: object windowsExecStepConfig: description: Immutable. The ExecStepConfig for all Windows VMs targeted by the PatchJob. properties: allowedSuccessCodes: description: Immutable. Defaults to [0]. A list of possible return values that the execution can return to indicate a success. items: type: integer type: array gcsObject: description: Immutable. A Cloud Storage object containing the executable. properties: bucket: description: Immutable. Bucket of the Cloud Storage object. type: string generationNumber: description: Immutable. Generation number of the Cloud Storage object. This is used to ensure that the ExecStep specified by this PatchJob does not change. type: string object: description: Immutable. Name of the Cloud Storage object. type: string required: - bucket - generationNumber - object type: object interpreter: description: |- Immutable. The script interpreter to use to run the script. If no interpreter is specified the script will be executed directly, which will likely only succeed for scripts with shebang lines. Possible values: ["SHELL", "POWERSHELL"]. type: string localPath: description: Immutable. An absolute path to the executable on the VM. type: string type: object type: object rebootConfig: description: 'Immutable. Post-patch reboot settings. Possible values: ["DEFAULT", "ALWAYS", "NEVER"].' type: string windowsUpdate: description: Immutable. Windows update settings. Use this setting to override the default Windows patch rules. properties: classifications: description: 'Immutable. Only apply updates of these windows update classifications. If empty, all updates are applied. Possible values: ["CRITICAL", "SECURITY", "DEFINITION", "DRIVER", "FEATURE_PACK", "SERVICE_PACK", "TOOL", "UPDATE_ROLLUP", "UPDATE"].' items: type: string type: array excludes: description: Immutable. List of KBs to exclude from update. items: type: string type: array exclusivePatches: description: |- Immutable. An exclusive list of kbs to be updated. These are the only patches that will be updated. This field must not be used with other patch configurations. items: type: string type: array type: object yum: description: Immutable. Yum update settings. Use this setting to override the default yum patch rules. properties: excludes: description: Immutable. List of packages to exclude from update. These packages will be excluded. items: type: string type: array exclusivePackages: description: |- Immutable. An exclusive list of packages to be updated. These are the only packages that will be updated. If these packages are not installed, they will be ignored. This field cannot be specified with any other patch configuration fields. items: type: string type: array minimal: description: Immutable. Will cause patch to run yum update-minimal instead. type: boolean security: description: Immutable. Adds the --security flag to yum update. Not supported on all platforms. type: boolean type: object zypper: description: Immutable. zypper update settings. Use this setting to override the default zypper patch rules. properties: categories: description: Immutable. Install only patches with these categories. Common categories include security, recommended, and feature. items: type: string type: array excludes: description: Immutable. List of packages to exclude from update. items: type: string type: array exclusivePatches: description: |- Immutable. An exclusive list of patches to be updated. These are the only patches that will be installed using 'zypper patch patch:' command. This field must not be used with any other patch configuration fields. items: type: string type: array severities: description: Immutable. Install only patches with these severities. Common severities include critical, important, moderate, and low. items: type: string type: array withOptional: description: Immutable. Adds the --with-optional flag to zypper patch. type: boolean withUpdate: description: Immutable. Adds the --with-update flag, to zypper patch. type: boolean type: object type: object patchDeploymentId: description: |- Immutable. A name for the patch deployment in the project. When creating a name the following rules apply: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-63 characters. * Must end with a number or a letter. * Must be unique within the project. type: string projectRef: description: The project that this resource belongs to. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `name` field of a `Project` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object recurringSchedule: description: Immutable. Schedule recurring executions. properties: endTime: description: |- Immutable. The end time at which a recurring patch deployment schedule is no longer active. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string lastExecuteTime: description: |- The time the last patch job ran successfully. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string monthly: description: Immutable. Schedule with monthly executions. properties: monthDay: description: |- Immutable. One day of the month. 1-31 indicates the 1st to the 31st day. -1 indicates the last day of the month. Months without the target day will be skipped. For example, a schedule to run "every month on the 31st" will not run in February, April, June, etc. type: integer weekDayOfMonth: description: Immutable. Week day in a month. properties: dayOfWeek: description: 'Immutable. A day of the week. Possible values: ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY", "SATURDAY", "SUNDAY"].' type: string weekOrdinal: description: Immutable. Week number in a month. 1-4 indicates the 1st to 4th week of the month. -1 indicates the last week of the month. type: integer required: - dayOfWeek - weekOrdinal type: object type: object nextExecuteTime: description: |- The time the next patch job is scheduled to run. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string startTime: description: |- Immutable. The time that the recurring schedule becomes effective. Defaults to createTime of the patch deployment. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string timeOfDay: description: Immutable. Time of the day to run a recurring deployment. properties: hours: description: |- Immutable. Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value "24:00:00" for scenarios like business closing time. type: integer minutes: description: Immutable. Minutes of hour of day. Must be from 0 to 59. type: integer nanos: description: Immutable. Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. type: integer seconds: description: Immutable. Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds. type: integer type: object timeZone: description: |- Immutable. Defines the time zone that timeOfDay is relative to. The rules for daylight saving time are determined by the chosen time zone. properties: id: description: Immutable. IANA Time Zone Database time zone, e.g. "America/New_York". type: string version: description: Immutable. IANA Time Zone Database version number, e.g. "2019a". type: string required: - id type: object weekly: description: Immutable. Schedule with weekly executions. properties: dayOfWeek: description: 'Immutable. IANA Time Zone Database time zone, e.g. "America/New_York". Possible values: ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY", "SATURDAY", "SUNDAY"].' type: string required: - dayOfWeek type: object required: - timeOfDay - timeZone type: object resourceID: description: Immutable. Optional. The service-generated name of the resource. Used for acquisition only. Leave unset to create a new resource. type: string rollout: description: Immutable. Rollout strategy of the patch job. properties: disruptionBudget: description: |- Immutable. The maximum number (or percentage) of VMs per zone to disrupt at any given moment. The number of VMs calculated from multiplying the percentage by the total number of VMs in a zone is rounded up. During patching, a VM is considered disrupted from the time the agent is notified to begin until patching has completed. This disruption time includes the time to complete reboot and any post-patch steps. A VM contributes to the disruption budget if its patching operation fails either when applying the patches, running pre or post patch steps, or if it fails to respond with a success notification before timing out. VMs that are not running or do not have an active agent do not count toward this disruption budget. For zone-by-zone rollouts, if the disruption budget in a zone is exceeded, the patch job stops, because continuing to the next zone requires completion of the patch process in the previous zone. For example, if the disruption budget has a fixed value of 10, and 8 VMs fail to patch in the current zone, the patch job continues to patch 2 VMs at a time until the zone is completed. When that zone is completed successfully, patching begins with 10 VMs at a time in the next zone. If 10 VMs in the next zone fail to patch, the patch job stops. properties: fixed: description: Immutable. Specifies a fixed value. type: integer percentage: description: Immutable. Specifies the relative value defined as a percentage, which will be multiplied by a reference value. type: integer type: object mode: description: 'Immutable. Mode of the patch rollout. Possible values: ["ZONE_BY_ZONE", "CONCURRENT_ZONES"].' type: string required: - disruptionBudget - mode type: object required: - instanceFilter - patchDeploymentId - projectRef type: object status: properties: conditions: description: Conditions represent the latest available observation of the resource's current state. items: properties: lastTransitionTime: description: Last time the condition transitioned from one status to another. type: string message: description: Human-readable message indicating details about last transition. type: string reason: description: Unique, one-word, CamelCase reason for the condition's last transition. type: string status: description: Status is the status of the condition. Can be True, False, Unknown. type: string type: description: Type is the type of the condition. type: string type: object type: array createTime: description: |- Time the patch deployment was created. Timestamp is in RFC3339 text format. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string lastExecuteTime: description: |- The last time a patch job was started by this deployment. Timestamp is in RFC3339 text format. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string name: description: |- Unique name for the patch deployment resource in a project. The patch deployment name is in the form: projects/{project_id}/patchDeployments/{patchDeploymentId}. type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. type: integer updateTime: description: |- Time the patch deployment was last updated. Timestamp is in RFC3339 text format. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". type: string type: object required: - spec type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: []