feat: Added ClusterView supporting more granular view of continuous backups

Google APIs · copybara-github · commit 277df0ec41d2 · 2023-06-12T12:15:23.000-07:00
feat: Added new SSL modes ALLOW_UNENCRYPTED_AND_ENCRYPTED, ENCRYPTED_ONLY
feat: Added users API
feat: Added fault injection API
feat: Added instance update policy
feat: Added cluster network config
fix: Deprecated SSL modes SSL_MODE_ALLOW, SSL_MODE_REQUIRE, SSL_MODE_VERIFY_CA

PiperOrigin-RevId: 539726243
diff --git a/google/cloud/alloydb/v1alpha/alloydb_v1alpha.yaml b/google/cloud/alloydb/v1alpha/alloydb_v1alpha.yaml
@@ -109,20 +109,16 @@ authentication:
         https://www.googleapis.com/auth/cloud-platform
 
 publishing:
-  organization: CLOUD
-  new_issue_uri: 'https://issuetracker.google.com/issues/new?component=1029828'
-  documentation_uri: 'https://cloud.google.com/alloydb/docs'
-  api_short_name: 'alloydb'
+  new_issue_uri: https://issuetracker.google.com/issues/new?component=1194526&template=1689942
+  documentation_uri: https://cloud.google.com/alloydb/docs
+  api_short_name: alloydb
   github_label: 'api: alloydb'
-  doc_tag_prefix: 'alloydb'
-  codeowner_github_teams:
+  doc_tag_prefix: alloydb
+  organization: CLOUD
   library_settings:
-  - version: 'google.cloud.alloydb.v1'
+  - version: google.cloud.alloydb.v1
     launch_stage: GA
-    rest_numeric_enums: false
     java_settings:
-      library_package: ''
-      service_class_names:
       common:
         destinations:
         - PACKAGE_MANAGER
@@ -154,12 +150,9 @@ publishing:
       common:
         destinations:
         - PACKAGE_MANAGER
-  - version: 'google.cloud.alloydb.v1beta'
+  - version: google.cloud.alloydb.v1beta
     launch_stage: BETA
-    rest_numeric_enums: false
     java_settings:
-      library_package: ''
-      service_class_names:
       common:
         destinations:
         - PACKAGE_MANAGER
@@ -191,12 +184,9 @@ publishing:
       common:
         destinations:
         - PACKAGE_MANAGER
-  - version: 'google.cloud.alloydb.v1alpha'
+  - version: google.cloud.alloydb.v1alpha
     launch_stage: ALPHA
-    rest_numeric_enums: false
     java_settings:
-      library_package: ''
-      service_class_names:
       common:
         destinations:
         - PACKAGE_MANAGER
diff --git a/google/cloud/alloydb/v1alpha/resources.proto b/google/cloud/alloydb/v1alpha/resources.proto
@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -40,18 +40,6 @@ option (google.api.resource_definition) = {
   pattern: "projects/{project}/global/networks/{network}"
 };
 
-// The supported database engine versions.
-enum DatabaseVersion {
-  // This is an unknown database version.
-  DATABASE_VERSION_UNSPECIFIED = 0;
-
-  // DEPRECATED - The database version is Postgres 13.
-  POSTGRES_13 = 1 [deprecated = true];
-
-  // The database version is Postgres 14.
-  POSTGRES_14 = 2;
-}
-
 // View on Instance. Pass this enum to rpcs that returns an Instance message to
 // control which subsets of fields to get.
 enum InstanceView {
@@ -68,6 +56,35 @@ enum InstanceView {
   INSTANCE_VIEW_FULL = 2;
 }
 
+// View on Cluster. Pass this enum to rpcs that returns a cluster message to
+// control which subsets of fields to get.
+enum ClusterView {
+  // CLUSTER_VIEW_UNSPECIFIED Not specified, equivalent to BASIC.
+  CLUSTER_VIEW_UNSPECIFIED = 0;
+
+  // BASIC server responses include all the relevant cluster details, excluding
+  // Cluster.ContinuousBackupInfo.EarliestRestorableTime and other view-specific
+  // fields. The default value.
+  CLUSTER_VIEW_BASIC = 1;
+
+  // CONTINUOUS_BACKUP response returns all the fields from BASIC plus
+  // the earliest restorable time if continuous backups are enabled.
+  // May increase latency.
+  CLUSTER_VIEW_CONTINUOUS_BACKUP = 2;
+}
+
+// The supported database engine versions.
+enum DatabaseVersion {
+  // This is an unknown database version.
+  DATABASE_VERSION_UNSPECIFIED = 0;
+
+  // DEPRECATED - The database version is Postgres 13.
+  POSTGRES_13 = 1 [deprecated = true];
+
+  // The database version is Postgres 14.
+  POSTGRES_14 = 2;
+}
+
 // The username/password for a database user. Used for specifying initial
 // users at cluster creation time.
 message UserPassword {
@@ -141,25 +158,31 @@ message EncryptionInfo {
   ];
 }
 
-// SSL configuration for an AlloyDB Cluster.
+// SSL configuration.
 message SslConfig {
   // SSL mode options.
   enum SslMode {
-    // SSL mode not specified. Defaults to SSL_MODE_ALLOW.
+    // SSL mode not specified. Defaults to ENCRYPTED_ONLY.
     SSL_MODE_UNSPECIFIED = 0;
 
     // SSL connections are optional. CA verification not enforced.
-    SSL_MODE_ALLOW = 1;
+    SSL_MODE_ALLOW = 1 [deprecated = true];
 
     // SSL connections are required. CA verification not enforced.
     // Clients may use locally self-signed certificates (default psql client
     // behavior).
-    SSL_MODE_REQUIRE = 2;
+    SSL_MODE_REQUIRE = 2 [deprecated = true];
 
     // SSL connections are required. CA verification enforced.
     // Clients must have certificates signed by a Cluster CA, e.g. via
     // GenerateClientCertificate.
-    SSL_MODE_VERIFY_CA = 3;
+    SSL_MODE_VERIFY_CA = 3 [deprecated = true];
+
+    // SSL connections are optional. CA verification not enforced.
+    ALLOW_UNENCRYPTED_AND_ENCRYPTED = 4;
+
+    // SSL connections are required. CA verification not enforced.
+    ENCRYPTED_ONLY = 5;
   }
 
   // Certificate Authority (CA) source for SSL/TLS certificates.
@@ -314,6 +337,11 @@ message ContinuousBackupInfo {
   // only field. Ignored if passed into the request.
   repeated google.type.DayOfWeek schedule = 3
       [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The earliest restorable time that can be restored to. Output
+  // only field.
+  google.protobuf.Timestamp earliest_restorable_time = 4
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 }
 
 // Message describing a BackupSource.
@@ -353,6 +381,32 @@ message Cluster {
     style: DECLARATIVE_FRIENDLY
   };
 
+  // Metadata related to network configuration.
+  message NetworkConfig {
+    // Required. The resource link for the VPC network in which cluster
+    // resources are created and from which they are accessible via Private IP.
+    // The network must belong to the same project as the cluster. It is
+    // specified in the form:
+    // "projects/{project_number}/global/networks/{network_id}". This is
+    // required to create a cluster. It can be updated, but it cannot be
+    // removed.
+    string network = 1 [
+      (google.api.field_behavior) = REQUIRED,
+      (google.api.resource_reference) = {
+        type: "compute.googleapis.com/Network"
+      }
+    ];
+
+    // Optional. The name of the allocated IP range for the private IP AlloyDB
+    // cluster. For example: "google-managed-services-default". If set, the
+    // instance IPs for this cluster will be created in the allocated range. The
+    // range name must comply with RFC 1035. Specifically, the name must be 1-63
+    // characters long and match the regular expression
+    // [a-z]([-a-z0-9]*[a-z0-9])?.
+    // Field name is intended to be consistent with CloudSQL.
+    string allocated_ip_range = 2 [(google.api.field_behavior) = OPTIONAL];
+  }
+
   // Configuration information for the secondary cluster. This should be set
   // if and only if the cluster is of type SECONDARY.
   message SecondaryConfig {
@@ -481,6 +535,8 @@ message Cluster {
   DatabaseVersion database_version = 9
       [(google.api.field_behavior) = OUTPUT_ONLY];
 
+  NetworkConfig network_config = 29 [(google.api.field_behavior) = OPTIONAL];
+
   // Required. The resource link for the VPC network in which cluster resources
   // are created and from which they are accessible via Private IP. The network
   // must belong to the same project as the cluster. It is specified in the
@@ -519,8 +575,8 @@ message Cluster {
   // documentation for the message type.
   AutomatedBackupPolicy automated_backup_policy = 17;
 
-  // SSL configuration for this AlloyDB Cluster.
-  SslConfig ssl_config = 18;
+  // SSL configuration for this AlloyDB cluster.
+  SslConfig ssl_config = 18 [deprecated = true];
 
   // Optional. The encryption config can be specified to encrypt the data disks
   // and other persistent data resources of a cluster with a
@@ -610,6 +666,25 @@ message Instance {
     int32 node_count = 1;
   }
 
+  // Policy to be used while updating the instance.
+  message UpdatePolicy {
+    // Specifies the available modes of update.
+    enum Mode {
+      // Mode is unknown.
+      MODE_UNSPECIFIED = 0;
+
+      // Least disruptive way to apply the update.
+      DEFAULT = 1;
+
+      // Performs a forced update when applicable. This will be fast but may
+      // incur a downtime.
+      FORCE_APPLY = 2;
+    }
+
+    // Mode for updating the instance.
+    Mode mode = 1;
+  }
+
   // Instance State
   enum State {
     // The state of the instance is unknown.
@@ -667,10 +742,11 @@ message Instance {
   }
 
   // The Availability type of an instance. Potential values:
+  //
   // - ZONAL: The instance serves data from only one zone. Outages in that
-  // zone affect instance availability.
+  //     zone affect instance availability.
   // - REGIONAL: The instance can serve data from more than one zone in a
-  // region (it is highly available).
+  //     region (it is highly available).
   enum AvailabilityType {
     // This is an unknown Availability type.
     AVAILABILITY_TYPE_UNSPECIFIED = 0;
@@ -726,8 +802,11 @@ message Instance {
   MachineConfig machine_config = 10;
 
   // Availability type of an Instance.
-  // Defaults to REGIONAL for both primary and read instances.
-  // Note that primary and read instances can have different availability types.
+  // If empty, defaults to REGIONAL for primary instances.
+  // For read pools, availability_type is always UNSPECIFIED. Instances in the
+  // read pools are evenly distributed across available zones within the region
+  // (i.e. read pools with more than one node will have a node in at
+  // least two zones).
   AvailabilityType availability_type = 11;
 
   // The Compute Engine zone that the instance should serve from, per
@@ -786,6 +865,12 @@ message Instance {
   // This is distinct from labels.
   // https://google.aip.dev/128
   map<string, string> annotations = 18;
+
+  // Update policy that will be applied during instance update.
+  // This field is not persisted when you update the instance.
+  // To use a non-default update policy, you must
+  // specify explicitly specify the value in each update request.
+  UpdatePolicy update_policy = 22;
 }
 
 // ConnectionInfo singleton resource.
@@ -808,7 +893,7 @@ message ConnectionInfo {
   // Output only. The pem-encoded chain that may be used to verify the X.509
   // certificate. Expected to be in issuer-to-root order according to RFC 5246.
   repeated string pem_certificate_chain = 3
-      [(google.api.field_behavior) = OUTPUT_ONLY];
+      [deprecated = true, (google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. The unique ID of the Instance.
   string instance_uid = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
@@ -905,7 +990,7 @@ message Backup {
   string cluster_uid = 18 [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Required. The full resource name of the backup source cluster
-  // (e.g., projects/<project>/locations/<location>/clusters/<cluster_id>).
+  // (e.g., projects/{project}/locations/{region}/clusters/{cluster_id}).
   string cluster_name = 10 [
     (google.api.field_behavior) = REQUIRED,
     (google.api.resource_reference) = { type: "alloydb.googleapis.com/Cluster" }
@@ -1026,3 +1111,39 @@ message SupportedDatabaseFlag {
   // availability SLO's).
   bool requires_db_restart = 6;
 }
+
+// Message describing User object.
+message User {
+  option (google.api.resource) = {
+    type: "alloydb.googleapis.com/User"
+    pattern: "projects/{project}/locations/{location}/clusters/{cluster}/users/{user}"
+    style: DECLARATIVE_FRIENDLY
+  };
+
+  // Enum that details the user type.
+  enum UserType {
+    // Unspecified user type.
+    USER_TYPE_UNSPECIFIED = 0;
+
+    // The default user type that authenticates via password-based
+    // authentication.
+    ALLOYDB_BUILT_IN = 1;
+
+    // Database user that can authenticate via IAM-Based authentication.
+    ALLOYDB_IAM_USER = 2;
+  }
+
+  // Output only. Name of the resource in the form of
+  // projects/{project}/locations/{location}/cluster/{cluster}/users/{user}.
+  string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Input only. Password for the user.
+  string password = 2 [(google.api.field_behavior) = INPUT_ONLY];
+
+  // Optional. List of database roles this user has.
+  // The database role strings are subject to the PostgreSQL naming conventions.
+  repeated string database_roles = 4 [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. Type of this user.
+  UserType user_type = 5 [(google.api.field_behavior) = OPTIONAL];
+}
diff --git a/google/cloud/alloydb/v1alpha/service.proto b/google/cloud/alloydb/v1alpha/service.proto
