1 // Copyright 2022 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 syntax = "proto3";
16 
17 package google.cloud.functions.v2beta;
18 
19 import "google/api/annotations.proto";
20 import "google/api/client.proto";
21 import "google/api/field_behavior.proto";
22 import "google/api/resource.proto";
23 import "google/longrunning/operations.proto";
24 import "google/protobuf/any.proto";
25 import "google/protobuf/field_mask.proto";
26 import "google/protobuf/timestamp.proto";
27 
28 option go_package = "cloud.google.com/go/functions/apiv2beta/functionspb;functionspb";
29 option java_multiple_files = true;
30 option java_outer_classname = "FunctionsProto";
31 option java_package = "com.google.cloud.functions.v2beta";
32 option objc_class_prefix = "GCF";
33 option (google.api.resource_definition) = {
34   type: "artifactregistry.googleapis.com/Repository"
35   pattern: "projects/{project}/locations/{location}/repositories/{repository}"
36 };
37 option (google.api.resource_definition) = {
38   type: "cloudbuild.googleapis.com/Build"
39   pattern: "projects/{project}/locations/{location}/builds/{build}"
40 };
41 option (google.api.resource_definition) = {
42   type: "cloudbuild.googleapis.com/WorkerPool"
43   pattern: "projects/{project}/locations/{location}/workerPools/{worker_pool}"
44 };
45 option (google.api.resource_definition) = {
46   type: "run.googleapis.com/Service"
47   pattern: "projects/{project}/locations/{location}/services/{service}"
48 };
49 option (google.api.resource_definition) = {
50   type: "vpcaccess.googleapis.com/Connector"
51   pattern: "projects/{project}/locations/{location}/connectors/{connector}"
52 };
53 option (google.api.resource_definition) = {
54   type: "eventarc.googleapis.com/Trigger"
55   pattern: "projects/{project}/locations/{location}/triggers/{trigger}"
56 };
57 option (google.api.resource_definition) = {
58   type: "eventarc.googleapis.com/Channel"
59   pattern: "projects/{project}/locations/{location}/channels/{channel}"
60 };
61 option (google.api.resource_definition) = {
62   type: "pubsub.googleapis.com/Topic"
63   pattern: "projects/{project}/topics/{topic}"
64 };
65 
66 // Google Cloud Functions is used to deploy functions that are executed by
67 // Google in response to various events. Data connected with that event is
68 // passed to a function as the input data.
69 //
70 // A **function** is a resource which describes a function that should be
71 // executed and how it is triggered.
72 service FunctionService {
73   option (google.api.default_host) = "cloudfunctions.googleapis.com";
74   option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
75 
76   // Returns a function with the given name from the requested project.
77   rpc GetFunction(GetFunctionRequest) returns (Function) {
78     option (google.api.http) = {
79       get: "/v2beta/{name=projects/*/locations/*/functions/*}"
80     };
81     option (google.api.method_signature) = "name";
82   }
83 
84   // Returns a list of functions that belong to the requested project.
85   rpc ListFunctions(ListFunctionsRequest) returns (ListFunctionsResponse) {
86     option (google.api.http) = {
87       get: "/v2beta/{parent=projects/*/locations/*}/functions"
88     };
89     option (google.api.method_signature) = "parent";
90   }
91 
92   // Creates a new function. If a function with the given name already exists in
93   // the specified project, the long running operation will return
94   // `ALREADY_EXISTS` error.
95   rpc CreateFunction(CreateFunctionRequest) returns (google.longrunning.Operation) {
96     option (google.api.http) = {
97       post: "/v2beta/{parent=projects/*/locations/*}/functions"
98       body: "function"
99     };
100     option (google.api.method_signature) = "parent,function,function_id";
101     option (google.longrunning.operation_info) = {
102       response_type: "google.cloud.functions.v2beta.Function"
103       metadata_type: "google.cloud.functions.v2beta.OperationMetadata"
104     };
105   }
106 
107   // Updates existing function.
108   rpc UpdateFunction(UpdateFunctionRequest) returns (google.longrunning.Operation) {
109     option (google.api.http) = {
110       patch: "/v2beta/{function.name=projects/*/locations/*/functions/*}"
111       body: "function"
112     };
113     option (google.api.method_signature) = "function,update_mask";
114     option (google.longrunning.operation_info) = {
115       response_type: "google.cloud.functions.v2beta.Function"
116       metadata_type: "google.cloud.functions.v2beta.OperationMetadata"
117     };
118   }
119 
120   // Deletes a function with the given name from the specified project. If the
121   // given function is used by some trigger, the trigger will be updated to
122   // remove this function.
123   rpc DeleteFunction(DeleteFunctionRequest) returns (google.longrunning.Operation) {
124     option (google.api.http) = {
125       delete: "/v2beta/{name=projects/*/locations/*/functions/*}"
126     };
127     option (google.api.method_signature) = "name";
128     option (google.longrunning.operation_info) = {
129       response_type: "google.protobuf.Empty"
130       metadata_type: "google.cloud.functions.v2beta.OperationMetadata"
131     };
132   }
133 
134   // Returns a signed URL for uploading a function source code.
135   // For more information about the signed URL usage see:
136   // https://cloud.google.com/storage/docs/access-control/signed-urls.
137   // Once the function source code upload is complete, the used signed
138   // URL should be provided in CreateFunction or UpdateFunction request
139   // as a reference to the function source code.
140   //
141   // When uploading source code to the generated signed URL, please follow
142   // these restrictions:
143   //
144   // * Source file type should be a zip file.
145   // * No credentials should be attached - the signed URLs provide access to the
146   //   target bucket using internal service identity; if credentials were
147   //   attached, the identity from the credentials would be used, but that
148   //   identity does not have permissions to upload files to the URL.
149   //
150   // When making a HTTP PUT request, these two headers need to be specified:
151   //
152   // * `content-type: application/zip`
153   //
154   // And this header SHOULD NOT be specified:
155   //
156   // * `Authorization: Bearer YOUR_TOKEN`
157   rpc GenerateUploadUrl(GenerateUploadUrlRequest) returns (GenerateUploadUrlResponse) {
158     option (google.api.http) = {
159       post: "/v2beta/{parent=projects/*/locations/*}/functions:generateUploadUrl"
160       body: "*"
161     };
162   }
163 
164   // Returns a signed URL for downloading deployed function source code.
165   // The URL is only valid for a limited period and should be used within
166   // 30 minutes of generation.
167   // For more information about the signed URL usage see:
168   // https://cloud.google.com/storage/docs/access-control/signed-urls
169   rpc GenerateDownloadUrl(GenerateDownloadUrlRequest) returns (GenerateDownloadUrlResponse) {
170     option (google.api.http) = {
171       post: "/v2beta/{name=projects/*/locations/*/functions/*}:generateDownloadUrl"
172       body: "*"
173     };
174   }
175 
176   // Returns a list of runtimes that are supported for the requested project.
177   rpc ListRuntimes(ListRuntimesRequest) returns (ListRuntimesResponse) {
178     option (google.api.http) = {
179       get: "/v2beta/{parent=projects/*/locations/*}/runtimes"
180     };
181     option (google.api.method_signature) = "parent";
182   }
183 }
184 
185 // The environment the function is hosted on.
186 enum Environment {
187   // Unspecified
188   ENVIRONMENT_UNSPECIFIED = 0;
189 
190   // Gen 1
191   GEN_1 = 1;
192 
193   // Gen 2
194   GEN_2 = 2;
195 }
196 
197 // Describes a Cloud Function that contains user computation executed in
198 // response to an event. It encapsulates function and trigger configurations.
199 message Function {
200   option (google.api.resource) = {
201     type: "cloudfunctions.googleapis.com/Function"
202     pattern: "projects/{project}/locations/{location}/functions/{function}"
203     plural: "functions"
204     singular: "function"
205   };
206 
207   // Describes the current state of the function.
208   enum State {
209     // Not specified. Invalid state.
210     STATE_UNSPECIFIED = 0;
211 
212     // Function has been successfully deployed and is serving.
213     ACTIVE = 1;
214 
215     // Function deployment failed and the function is not serving.
216     FAILED = 2;
217 
218     // Function is being created or updated.
219     DEPLOYING = 3;
220 
221     // Function is being deleted.
222     DELETING = 4;
223 
224     // Function deployment failed and the function serving state is undefined.
225     // The function should be updated or deleted to move it out of this state.
226     UNKNOWN = 5;
227   }
228 
229   // A user-defined name of the function. Function names must be unique
230   // globally and match pattern `projects/*/locations/*/functions/*`
231   string name = 1;
232 
233   // Describe whether the function is gen1 or gen2.
234   Environment environment = 10;
235 
236   // User-provided description of a function.
237   string description = 2;
238 
239   // Describes the Build step of the function that builds a container from the
240   // given source.
241   BuildConfig build_config = 3;
242 
243   // Describes the Service being deployed. Currently deploys services to Cloud
244   // Run (fully managed).
245   ServiceConfig service_config = 4;
246 
247   // An Eventarc trigger managed by Google Cloud Functions that fires events in
248   // response to a condition in another service.
249   EventTrigger event_trigger = 5;
250 
251   // Output only. State of the function.
252   State state = 6 [(google.api.field_behavior) = OUTPUT_ONLY];
253 
254   // Output only. The last update timestamp of a Cloud Function.
255   google.protobuf.Timestamp update_time = 7 [(google.api.field_behavior) = OUTPUT_ONLY];
256 
257   // Labels associated with this Cloud Function.
258   map<string, string> labels = 8;
259 
260   // Output only. State Messages for this Cloud Function.
261   repeated StateMessage state_messages = 9 [(google.api.field_behavior) = OUTPUT_ONLY];
262 }
263 
264 // Informational messages about the state of the Cloud Function or Operation.
265 message StateMessage {
266   // Severity of the state message.
267   enum Severity {
268     // Not specified. Invalid severity.
269     SEVERITY_UNSPECIFIED = 0;
270 
271     // ERROR-level severity.
272     ERROR = 1;
273 
274     // WARNING-level severity.
275     WARNING = 2;
276 
277     // INFO-level severity.
278     INFO = 3;
279   }
280 
281   // Severity of the state message.
282   Severity severity = 1;
283 
284   // One-word CamelCase type of the state message.
285   string type = 2;
286 
287   // The message.
288   string message = 3;
289 }
290 
291 // Location of the source in an archive file in Google Cloud Storage.
292 message StorageSource {
293   // Google Cloud Storage bucket containing the source (see
294   // [Bucket Name
295   // Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)).
296   string bucket = 1;
297 
298   // Google Cloud Storage object containing the source.
299   //
300   // This object must be a gzipped archive file (`.tar.gz`) containing source to
301   // build.
302   string object = 2;
303 
304   // Google Cloud Storage generation for the object. If the generation is
305   // omitted, the latest generation will be used.
306   int64 generation = 3;
307 }
308 
309 // Location of the source in a Google Cloud Source Repository.
310 message RepoSource {
311   // A revision within the Cloud Source Repository must be specified in
312   // one of these ways.
313   oneof revision {
314     // Regex matching branches to build.
315     //
316     // The syntax of the regular expressions accepted is the syntax accepted by
317     // RE2 and described at https://github.com/google/re2/wiki/Syntax
318     string branch_name = 3;
319 
320     // Regex matching tags to build.
321     //
322     // The syntax of the regular expressions accepted is the syntax accepted by
323     // RE2 and described at https://github.com/google/re2/wiki/Syntax
324     string tag_name = 4;
325 
326     // Explicit commit SHA to build.
327     string commit_sha = 5;
328   }
329 
330   // ID of the project that owns the Cloud Source Repository. If omitted, the
331   // project ID requesting the build is assumed.
332   string project_id = 1;
333 
334   // Name of the Cloud Source Repository.
335   string repo_name = 2;
336 
337   // Directory, relative to the source root, in which to run the build.
338   //
339   // This must be a relative path. If a step's `dir` is specified and is an
340   // absolute path, this value is ignored for that step's execution.
341   // eg. helloworld (no leading slash allowed)
342   string dir = 6;
343 
344   // Only trigger a build if the revision regex does NOT match the revision
345   // regex.
346   bool invert_regex = 7;
347 }
348 
349 // The location of the function source code.
350 message Source {
351   // Location of the source.
352   // At least one source needs to be provided for the deployment to succeed.
353   oneof source {
354     // If provided, get the source from this location in Google Cloud Storage.
355     StorageSource storage_source = 1;
356 
357     // If provided, get the source from this location in a Cloud Source
358     // Repository.
359     RepoSource repo_source = 2;
360   }
361 }
362 
363 // Provenance of the source. Ways to find the original source, or verify that
364 // some source was used for this build.
365 message SourceProvenance {
366   // A copy of the build's `source.storage_source`, if exists, with any
367   // generations resolved.
368   StorageSource resolved_storage_source = 1;
369 
370   // A copy of the build's `source.repo_source`, if exists, with any
371   // revisions resolved.
372   RepoSource resolved_repo_source = 2;
373 }
374 
375 // Describes the Build step of the function that builds a container from the
376 // given source.
377 message BuildConfig {
378   // Output only. The Cloud Build name of the latest successful deployment of the
379   // function.
380   string build = 1 [
381     (google.api.field_behavior) = OUTPUT_ONLY,
382     (google.api.resource_reference) = {
383       type: "cloudbuild.googleapis.com/Build"
384     }
385   ];
386 
387   // The runtime in which to run the function. Required when deploying a new
388   // function, optional when updating an existing function. For a complete
389   // list of possible choices, see the
390   // [`gcloud` command
391   // reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime).
392   string runtime = 2;
393 
394   // The name of the function (as defined in source code) that will be
395   // executed. Defaults to the resource name suffix, if not specified. For
396   // backward compatibility, if function with given name is not found, then the
397   // system will try to use function named "function".
398   // For Node.js this is name of a function exported by the module specified
399   // in `source_location`.
400   string entry_point = 3;
401 
402   // The location of the function source code.
403   Source source = 4;
404 
405   // Output only. A permanent fixed identifier for source.
406   SourceProvenance source_provenance = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
407 
408   // Name of the Cloud Build Custom Worker Pool that should be used to build the
409   // function. The format of this field is
410   // `projects/{project}/locations/{region}/workerPools/{workerPool}` where
411   // {project} and {region} are the project id and region respectively where the
412   // worker pool is defined and {workerPool} is the short name of the worker
413   // pool.
414   //
415   // If the project id is not the same as the function, then the Cloud
416   // Functions Service Agent
417   // (service-<project_number>@gcf-admin-robot.iam.gserviceaccount.com) must be
418   // granted the role Cloud Build Custom Workers Builder
419   // (roles/cloudbuild.customworkers.builder) in the project.
420   string worker_pool = 5 [(google.api.resource_reference) = {
421                             type: "cloudbuild.googleapis.com/WorkerPool"
422                           }];
423 
424   // User-provided build-time environment variables for the function
425   map<string, string> environment_variables = 6;
426 
427   // Optional. User managed repository created in Artifact Registry optionally with a
428   // customer managed encryption key. This is the repository to which the
429   // function docker image will be pushed after it is built by Cloud Build.
430   // If unspecified, GCF will create and use a repository named 'gcf-artifacts'
431   // for every deployed region.
432   //
433   // It must match the pattern
434   // `projects/{project}/locations/{location}/repositories/{repository}`.
435   //
436   // Cross-project repositories are not supported.
437   // Cross-location repositories are not supported.
438   // Repository format must be 'DOCKER'.
439   string docker_repository = 7 [
440     (google.api.field_behavior) = OPTIONAL,
441     (google.api.resource_reference) = {
442       type: "artifactregistry.googleapis.com/Repository"
443     }
444   ];
445 }
446 
447 // Describes the Service being deployed.
448 // Currently Supported : Cloud Run (fully managed).
449 message ServiceConfig {
450   // Available egress settings.
451   //
452   // This controls what traffic is diverted through the VPC Access Connector
453   // resource. By default PRIVATE_RANGES_ONLY will be used.
454   enum VpcConnectorEgressSettings {
455     // Unspecified.
456     VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED = 0;
457 
458     // Use the VPC Access Connector only for private IP space from RFC1918.
459     PRIVATE_RANGES_ONLY = 1;
460 
461     // Force the use of VPC Access Connector for all egress traffic from the
462     // function.
463     ALL_TRAFFIC = 2;
464   }
465 
466   // Available ingress settings.
467   //
468   // This controls what traffic can reach the function.
469   //
470   // If unspecified, ALLOW_ALL will be used.
471   enum IngressSettings {
472     // Unspecified.
473     INGRESS_SETTINGS_UNSPECIFIED = 0;
474 
475     // Allow HTTP traffic from public and private sources.
476     ALLOW_ALL = 1;
477 
478     // Allow HTTP traffic from only private VPC sources.
479     ALLOW_INTERNAL_ONLY = 2;
480 
481     // Allow HTTP traffic from private VPC sources and through GCLB.
482     ALLOW_INTERNAL_AND_GCLB = 3;
483   }
484 
485   // Output only. Name of the service associated with a Function.
486   // The format of this field is
487   // `projects/{project}/locations/{region}/services/{service}`
488   string service = 1 [
489     (google.api.field_behavior) = OUTPUT_ONLY,
490     (google.api.resource_reference) = {
491       type: "run.googleapis.com/Service"
492     }
493   ];
494 
495   // The function execution timeout. Execution is considered failed and
496   // can be terminated if the function is not completed at the end of the
497   // timeout period. Defaults to 60 seconds.
498   int32 timeout_seconds = 2;
499 
500   // The amount of memory available for a function.
501   // Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is
502   // supplied the value is interpreted as bytes.
503   // See
504   // https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
505   // a full description.
506   string available_memory = 13;
507 
508   // Environment variables that shall be available during function execution.
509   map<string, string> environment_variables = 4;
510 
511   // The limit on the maximum number of function instances that may coexist at a
512   // given time.
513   //
514   // In some cases, such as rapid traffic surges, Cloud Functions may, for a
515   // short period of time, create more instances than the specified max
516   // instances limit. If your function cannot tolerate this temporary behavior,
517   // you may want to factor in a safety margin and set a lower max instances
518   // value than your function can tolerate.
519   //
520   // See the [Max
521   // Instances](https://cloud.google.com/functions/docs/max-instances) Guide for
522   // more details.
523   int32 max_instance_count = 5;
524 
525   // The limit on the minimum number of function instances that may coexist at a
526   // given time.
527   //
528   // Function instances are kept in idle state for a short period after they
529   // finished executing the request to reduce cold start time for subsequent
530   // requests. Setting a minimum instance count will ensure that the given
531   // number of instances are kept running in idle state always. This can help
532   // with cold start times when jump in incoming request count occurs after the
533   // idle instance would have been stopped in the default case.
534   int32 min_instance_count = 12;
535 
536   // The Serverless VPC Access connector that this cloud function can connect
537   // to. The format of this field is `projects/*/locations/*/connectors/*`.
538   string vpc_connector = 6 [(google.api.resource_reference) = {
539                               type: "vpcaccess.googleapis.com/Connector"
540                             }];
541 
542   // The egress settings for the connector, controlling what traffic is diverted
543   // through it.
544   VpcConnectorEgressSettings vpc_connector_egress_settings = 7;
545 
546   // The ingress settings for the function, controlling what traffic can reach
547   // it.
548   IngressSettings ingress_settings = 8;
549 
550   // Output only. URI of the Service deployed.
551   string uri = 9 [(google.api.field_behavior) = OUTPUT_ONLY];
552 
553   // The email of the service's service account. If empty, defaults to
554   // `{project_number}-compute@developer.gserviceaccount.com`.
555   string service_account_email = 10;
556 
557   // Whether 100% of traffic is routed to the latest revision.
558   // On CreateFunction and UpdateFunction, when set to true, the revision being
559   // deployed will serve 100% of traffic, ignoring any traffic split settings,
560   // if any. On GetFunction, true will be returned if the latest revision is
561   // serving 100% of traffic.
562   bool all_traffic_on_latest_revision = 16;
563 
564   // Secret environment variables configuration.
565   repeated SecretEnvVar secret_environment_variables = 17;
566 
567   // Secret volumes configuration.
568   repeated SecretVolume secret_volumes = 19;
569 
570   // Output only. The name of service revision.
571   string revision = 18 [(google.api.field_behavior) = OUTPUT_ONLY];
572 }
573 
574 // Configuration for a secret environment variable. It has the information
575 // necessary to fetch the secret value from secret manager and expose it as an
576 // environment variable.
577 message SecretEnvVar {
578   // Name of the environment variable.
579   string key = 1;
580 
581   // Project identifier (preferably project number but can also be the
582   // project ID) of the project that contains the secret. If not set, it is
583   // assumed that the secret is in the same project as the function.
584   string project_id = 2;
585 
586   // Name of the secret in secret manager (not the full resource name).
587   string secret = 3;
588 
589   // Version of the secret (version number or the string 'latest'). It is
590   // recommended to use a numeric version for secret environment variables as
591   // any updates to the secret value is not reflected until new instances
592   // start.
593   string version = 4;
594 }
595 
596 // Configuration for a secret volume. It has the information necessary to fetch
597 // the secret value from secret manager and make it available as files mounted
598 // at the requested paths within the application container.
599 message SecretVolume {
600   // Configuration for a single version.
601   message SecretVersion {
602     // Version of the secret (version number or the string 'latest'). It is
603     // preferable to use `latest` version with secret volumes as secret value
604     // changes are reflected immediately.
605     string version = 1;
606 
607     // Relative path of the file under the mount path where the secret value for
608     // this version will be fetched and made available. For example, setting the
609     // mount_path as '/etc/secrets' and path as `secret_foo` would mount the
610     // secret value file at `/etc/secrets/secret_foo`.
611     string path = 2;
612   }
613 
614   // The path within the container to mount the secret volume. For example,
615   // setting the mount_path as `/etc/secrets` would mount the secret value files
616   // under the `/etc/secrets` directory. This directory will also be completely
617   // shadowed and unavailable to mount any other secrets.
618   // Recommended mount path: /etc/secrets
619   string mount_path = 1;
620 
621   // Project identifier (preferably project number but can also be the project
622   // ID) of the project that contains the secret. If not set, it is
623   // assumed that the secret is in the same project as the function.
624   string project_id = 2;
625 
626   // Name of the secret in secret manager (not the full resource name).
627   string secret = 3;
628 
629   // List of secret versions to mount for this secret. If empty, the `latest`
630   // version of the secret will be made available in a file named after the
631   // secret under the mount point.
632   repeated SecretVersion versions = 4;
633 }
634 
635 // Describes EventTrigger, used to request events to be sent from another
636 // service.
637 message EventTrigger {
638   // Describes the retry policy in case of function's execution failure.
639   // Retried execution is charged as any other execution.
640   enum RetryPolicy {
641     // Not specified.
642     RETRY_POLICY_UNSPECIFIED = 0;
643 
644     // Do not retry.
645     RETRY_POLICY_DO_NOT_RETRY = 1;
646 
647     // Retry on any failure, retry up to 7 days with an exponential backoff
648     // (capped at 10 seconds).
649     RETRY_POLICY_RETRY = 2;
650   }
651 
652   // Output only. The resource name of the Eventarc trigger. The format of this field is
653   // `projects/{project}/locations/{region}/triggers/{trigger}`.
654   string trigger = 1 [
655     (google.api.field_behavior) = OUTPUT_ONLY,
656     (google.api.resource_reference) = {
657       type: "eventarc.googleapis.com/Trigger"
658     }
659   ];
660 
661   // The region that the trigger will be in. The trigger will only receive
662   // events originating in this region. It can be the same
663   // region as the function, a different region or multi-region, or the global
664   // region. If not provided, defaults to the same region as the function.
665   string trigger_region = 2;
666 
667   // Required. The type of event to observe. For example:
668   // `google.cloud.audit.log.v1.written` or
669   // `google.cloud.pubsub.topic.v1.messagePublished`.
670   string event_type = 3 [(google.api.field_behavior) = REQUIRED];
671 
672   // Criteria used to filter events.
673   repeated EventFilter event_filters = 4;
674 
675   // Optional. The name of a Pub/Sub topic in the same project that will be used
676   // as the transport topic for the event delivery. Format:
677   // `projects/{project}/topics/{topic}`.
678   //
679   // This is only valid for events of type
680   // `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here
681   // will not be deleted at function deletion.
682   string pubsub_topic = 5 [
683     (google.api.field_behavior) = OPTIONAL,
684     (google.api.resource_reference) = {
685       type: "pubsub.googleapis.com/Topic"
686     }
687   ];
688 
689   // Optional. The email of the trigger's service account. The service account must have
690   // permission to invoke Cloud Run services, the permission is
691   // `run.routes.invoke`.
692   // If empty, defaults to the Compute Engine default service account:
693   // `{project_number}-compute@developer.gserviceaccount.com`.
694   string service_account_email = 6 [(google.api.field_behavior) = OPTIONAL];
695 
696   // Optional. If unset, then defaults to ignoring failures (i.e. not retrying them).
697   RetryPolicy retry_policy = 7 [(google.api.field_behavior) = OPTIONAL];
698 
699   // Optional. The name of the channel associated with the trigger in
700   // `projects/{project}/locations/{location}/channels/{channel}` format.
701   // You must provide a channel to receive events from Eventarc SaaS partners.
702   string channel = 8 [
703     (google.api.field_behavior) = OPTIONAL,
704     (google.api.resource_reference) = {
705       type: "eventarc.googleapis.com/Channel"
706     }
707   ];
708 }
709 
710 // Filters events based on exact matches on the CloudEvents attributes.
711 message EventFilter {
712   // Required. The name of a CloudEvents attribute.
713   string attribute = 1 [(google.api.field_behavior) = REQUIRED];
714 
715   // Required. The value for the attribute.
716   string value = 2 [(google.api.field_behavior) = REQUIRED];
717 
718   // Optional. The operator used for matching the events with the value of the
719   // filter. If not specified, only events that have an exact key-value pair
720   // specified in the filter are matched. The only allowed value is
721   // `match-path-pattern`.
722   string operator = 3 [(google.api.field_behavior) = OPTIONAL];
723 }
724 
725 // Request for the `GetFunction` method.
726 message GetFunctionRequest {
727   // Required. The name of the function which details should be obtained.
728   string name = 1 [
729     (google.api.field_behavior) = REQUIRED,
730     (google.api.resource_reference) = {
731       type: "cloudfunctions.googleapis.com/Function"
732     }
733   ];
734 }
735 
736 // Request for the `ListFunctions` method.
737 message ListFunctionsRequest {
738   // Required. The project and location from which the function should be listed,
739   // specified in the format `projects/*/locations/*`
740   // If you want to list functions in all locations, use "-" in place of a
741   // location. When listing functions in all locations, if one or more
742   // location(s) are unreachable, the response will contain functions from all
743   // reachable locations along with the names of any unreachable locations.
744   string parent = 1 [
745     (google.api.field_behavior) = REQUIRED,
746     (google.api.resource_reference) = {
747       child_type: "cloudfunctions.googleapis.com/Function"
748     }
749   ];
750 
751   // Maximum number of functions to return per call.
752   int32 page_size = 2;
753 
754   // The value returned by the last
755   // `ListFunctionsResponse`; indicates that
756   // this is a continuation of a prior `ListFunctions` call, and that the
757   // system should return the next page of data.
758   string page_token = 3;
759 
760   // The filter for Functions that match the filter expression,
761   // following the syntax outlined in https://google.aip.dev/160.
762   string filter = 4;
763 
764   // The sorting order of the resources returned. Value should be a comma
765   // separated list of fields. The default sorting oder is ascending.
766   // See https://google.aip.dev/132#ordering.
767   string order_by = 5;
768 }
769 
770 // Response for the `ListFunctions` method.
771 message ListFunctionsResponse {
772   // The functions that match the request.
773   repeated Function functions = 1;
774 
775   // A token, which can be sent as `page_token` to retrieve the next page.
776   // If this field is omitted, there are no subsequent pages.
777   string next_page_token = 2;
778 
779   // Locations that could not be reached. The response does not include any
780   // functions from these locations.
781   repeated string unreachable = 3;
782 }
783 
784 // Request for the `CreateFunction` method.
785 message CreateFunctionRequest {
786   // Required. The project and location in which the function should be created, specified
787   // in the format `projects/*/locations/*`
788   string parent = 1 [
789     (google.api.field_behavior) = REQUIRED,
790     (google.api.resource_reference) = {
791       type: "locations.googleapis.com/Location"
792     }
793   ];
794 
795   // Required. Function to be created.
796   Function function = 2 [(google.api.field_behavior) = REQUIRED];
797 
798   // The ID to use for the function, which will become the final component of
799   // the function's resource name.
800   //
801   // This value should be 4-63 characters, and valid characters
802   // are /[a-z][0-9]-/.
803   string function_id = 3;
804 }
805 
806 // Request for the `UpdateFunction` method.
807 message UpdateFunctionRequest {
808   // Required. New version of the function.
809   Function function = 1 [(google.api.field_behavior) = REQUIRED];
810 
811   // The list of fields to be updated.
812   // If no field mask is provided, all provided fields in the request will be
813   // updated.
814   google.protobuf.FieldMask update_mask = 2;
815 }
816 
817 // Request for the `DeleteFunction` method.
818 message DeleteFunctionRequest {
819   // Required. The name of the function which should be deleted.
820   string name = 1 [
821     (google.api.field_behavior) = REQUIRED,
822     (google.api.resource_reference) = {
823       type: "cloudfunctions.googleapis.com/Function"
824     }
825   ];
826 }
827 
828 // Request of `GenerateSourceUploadUrl` method.
829 message GenerateUploadUrlRequest {
830   // Required. The project and location in which the Google Cloud Storage signed URL
831   // should be generated, specified in the format `projects/*/locations/*`.
832   string parent = 1 [
833     (google.api.field_behavior) = REQUIRED,
834     (google.api.resource_reference) = {
835       type: "locations.googleapis.com/Location"
836     }
837   ];
838 }
839 
840 // Response of `GenerateSourceUploadUrl` method.
841 message GenerateUploadUrlResponse {
842   // The generated Google Cloud Storage signed URL that should be used for a
843   // function source code upload. The uploaded file should be a zip archive
844   // which contains a function.
845   string upload_url = 1;
846 
847   // The location of the source code in the upload bucket.
848   //
849   // Once the archive is uploaded using the `upload_url` use this field to
850   // set the `function.build_config.source.storage_source`
851   // during CreateFunction and UpdateFunction.
852   //
853   // Generation defaults to 0, as Cloud Storage provides a new generation only
854   // upon uploading a new object or version of an object.
855   StorageSource storage_source = 2;
856 }
857 
858 // Request of `GenerateDownloadUrl` method.
859 message GenerateDownloadUrlRequest {
860   // Required. The name of function for which source code Google Cloud Storage signed
861   // URL should be generated.
862   string name = 1 [
863     (google.api.field_behavior) = REQUIRED,
864     (google.api.resource_reference) = {
865       type: "cloudfunctions.googleapis.com/Function"
866     }
867   ];
868 }
869 
870 // Response of `GenerateDownloadUrl` method.
871 message GenerateDownloadUrlResponse {
872   // The generated Google Cloud Storage signed URL that should be used for
873   // function source code download.
874   string download_url = 1;
875 }
876 
877 // Request for the `ListRuntimes` method.
878 message ListRuntimesRequest {
879   // Required. The project and location from which the runtimes should be listed,
880   // specified in the format `projects/*/locations/*`
881   string parent = 1 [
882     (google.api.field_behavior) = REQUIRED,
883     (google.api.resource_reference) = {
884       type: "locations.googleapis.com/Location"
885     }
886   ];
887 
888   // The filter for Runtimes that match the filter expression,
889   // following the syntax outlined in https://google.aip.dev/160.
890   string filter = 2;
891 }
892 
893 // Response for the `ListRuntimes` method.
894 message ListRuntimesResponse {
895   // Describes a runtime and any special information (e.g., deprecation status)
896   // related to it.
897   message Runtime {
898     // The name of the runtime, e.g., 'go113', 'nodejs12', etc.
899     string name = 1;
900 
901     // The user facing name, eg 'Go 1.13', 'Node.js 12', etc.
902     string display_name = 5;
903 
904     // The stage of life this runtime is in, e.g., BETA, GA, etc.
905     RuntimeStage stage = 2;
906 
907     // Warning messages, e.g., a deprecation warning.
908     repeated string warnings = 3;
909 
910     // The environment for the runtime.
911     Environment environment = 4;
912   }
913 
914   // The various stages that a runtime can be in.
915   enum RuntimeStage {
916     // Not specified.
917     RUNTIME_STAGE_UNSPECIFIED = 0;
918 
919     // The runtime is in development.
920     DEVELOPMENT = 1;
921 
922     // The runtime is in the Alpha stage.
923     ALPHA = 2;
924 
925     // The runtime is in the Beta stage.
926     BETA = 3;
927 
928     // The runtime is generally available.
929     GA = 4;
930 
931     // The runtime is deprecated.
932     DEPRECATED = 5;
933 
934     // The runtime is no longer supported.
935     DECOMMISSIONED = 6;
936   }
937 
938   // The runtimes that match the request.
939   repeated Runtime runtimes = 1;
940 }
941 
942 // Represents the metadata of the long-running operation.
943 message OperationMetadata {
944   // The time the operation was created.
945   google.protobuf.Timestamp create_time = 1;
946 
947   // The time the operation finished running.
948   google.protobuf.Timestamp end_time = 2;
949 
950   // Server-defined resource path for the target of the operation.
951   string target = 3;
952 
953   // Name of the verb executed by the operation.
954   string verb = 4;
955 
956   // Human-readable status of the operation, if any.
957   string status_detail = 5;
958 
959   // Identifies whether the user has requested cancellation
960   // of the operation. Operations that have successfully been cancelled
961   // have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
962   // corresponding to `Code.CANCELLED`.
963   bool cancel_requested = 6;
964 
965   // API version used to start the operation.
966   string api_version = 7;
967 
968   // The original request that started the operation.
969   google.protobuf.Any request_resource = 8;
970 
971   // Mechanism for reporting in-progress stages
972   repeated Stage stages = 9;
973 }
974 
975 // Each Stage of the deployment process
976 message Stage {
977   // Possible names for a Stage
978   enum Name {
979     // Not specified. Invalid name.
980     NAME_UNSPECIFIED = 0;
981 
982     // Artifact Regsitry Stage
983     ARTIFACT_REGISTRY = 1;
984 
985     // Build Stage
986     BUILD = 2;
987 
988     // Service Stage
989     SERVICE = 3;
990 
991     // Trigger Stage
992     TRIGGER = 4;
993 
994     // Service Rollback Stage
995     SERVICE_ROLLBACK = 5;
996 
997     // Trigger Rollback Stage
998     TRIGGER_ROLLBACK = 6;
999   }
1000 
1001   // Possible states for a Stage
1002   enum State {
1003     // Not specified. Invalid state.
1004     STATE_UNSPECIFIED = 0;
1005 
1006     // Stage has not started.
1007     NOT_STARTED = 1;
1008 
1009     // Stage is in progress.
1010     IN_PROGRESS = 2;
1011 
1012     // Stage has completed.
1013     COMPLETE = 3;
1014   }
1015 
1016   // Name of the Stage. This will be unique for each Stage.
1017   Name name = 1;
1018 
1019   // Message describing the Stage
1020   string message = 2;
1021 
1022   // Current state of the Stage
1023   State state = 3;
1024 
1025   // Resource of the Stage
1026   string resource = 4;
1027 
1028   // Link to the current Stage resource
1029   string resource_uri = 5;
1030 
1031   // State messages from the current Stage.
1032   repeated StateMessage state_messages = 6;
1033 }
1034