feat: add new fields and enum values related to round-trip

Google APIs · copybara-github · commit efad09c9f0d4 · 2024-03-25T11:45:53.000-07:00
docs: update a few outdated comments
PiperOrigin-RevId: 618911579
diff --git a/google/cloud/networkmanagement/v1/connectivity_test.proto b/google/cloud/networkmanagement/v1/connectivity_test.proto
@@ -38,7 +38,7 @@ message ConnectivityTest {
   };
 
   // Required. Unique name of the resource using the form:
-  //     `projects/{project_id}/locations/global/connectivityTests/{test}`
+  //     `projects/{project_id}/locations/global/connectivityTests/{test_id}`
   string name = 1 [(google.api.field_behavior) = REQUIRED];
 
   // The user-supplied description of the Connectivity Test.
@@ -122,6 +122,10 @@ message ConnectivityTest {
   // existing test.
   ProbingDetails probing_details = 14
       [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Whether the test should skip firewall checking.
+  // If not provided, we assume false.
+  bool bypass_firewall_checks = 17;
 }
 
 // Source or destination of the Connectivity Test.
@@ -277,7 +281,9 @@ message ReachabilityDetails {
     // The source and destination endpoints do not uniquely identify
     // the test location in the network, and the reachability result contains
     // multiple traces. For some traces, a packet could be delivered, and for
-    // others, it would not be.
+    // others, it would not be. This result is also assigned to
+    // configuration analysis of return path if on its own it should be
+    // REACHABLE, but configuration analysis of forward path is AMBIGUOUS.
     AMBIGUOUS = 4;
 
     // The configuration analysis did not complete. Possible reasons are:
diff --git a/google/cloud/networkmanagement/v1/trace.proto b/google/cloud/networkmanagement/v1/trace.proto
@@ -52,6 +52,11 @@ message Trace {
   // network state machine. It is critical to preserve the order of the steps
   // and avoid reordering or sorting them.
   repeated Step steps = 2;
+
+  // ID of trace. For forward traces, this ID is unique for each trace. For
+  // return traces, it matches ID of associated forward trace. A single forward
+  // trace can be associated with none, one or more than one return trace.
+  int32 forward_trace_id = 4;
 }
 
 // A simulated forwarding path is composed of multiple steps.
@@ -101,6 +106,15 @@ message Step {
     // A CloudRunRevisionInfo is populated with starting revision information.
     START_FROM_CLOUD_RUN_REVISION = 26;
 
+    // Initial state: packet originating from a Storage Bucket. Used only for
+    // return traces.
+    // The storage_bucket information is populated.
+    START_FROM_STORAGE_BUCKET = 29;
+
+    // Initial state: packet originating from a published service that uses
+    // Private Service Connect. Used only for return traces.
+    START_FROM_PSC_PUBLISHED_SERVICE = 30;
+
     // Config checking state: verify ingress firewall rule.
     APPLY_INGRESS_FIREWALL_RULE = 4;
 
@@ -336,6 +350,12 @@ message FirewallInfo {
     // For details, see [Regional network firewall
     // policies](https://cloud.google.com/firewall/docs/regional-firewall-policies).
     NETWORK_REGIONAL_FIREWALL_POLICY_RULE = 6;
+
+    // Tracking state for response traffic created when request traffic goes
+    // through allow firewall rule.
+    // For details, see [firewall rules
+    // specifications](https://cloud.google.com/firewall/docs/firewalls#specifications)
+    TRACKING_STATE = 101;
   }
 
   // The display name of the VPC firewall rule. This field is not applicable
@@ -1064,7 +1084,7 @@ message DropInfo {
     // Route's next hop resource is not found.
     ROUTE_NEXT_HOP_RESOURCE_NOT_FOUND = 43;
 
-    // Route's next hop instance doesn't hace a NIC in the route's network.
+    // Route's next hop instance doesn't have a NIC in the route's network.
     ROUTE_NEXT_HOP_INSTANCE_WRONG_NETWORK = 49;
 
     // Route's next hop IP address is not a primary IP address of the next hop
diff --git a/google/cloud/networkmanagement/v1beta1/connectivity_test.proto b/google/cloud/networkmanagement/v1beta1/connectivity_test.proto
@@ -122,6 +122,10 @@ message ConnectivityTest {
   // existing test.
   ProbingDetails probing_details = 14
       [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Whether the test should skip firewall checking.
+  // If not provided, we assume false.
+  bool bypass_firewall_checks = 17;
 }
 
 // Source or destination of the Connectivity Test.
@@ -277,7 +281,9 @@ message ReachabilityDetails {
     // The source and destination endpoints do not uniquely identify
     // the test location in the network, and the reachability result contains
     // multiple traces. For some traces, a packet could be delivered, and for
-    // others, it would not be.
+    // others, it would not be. This result is also assigned to
+    // configuration analysis of return path if on its own it should be
+    // REACHABLE, but configuration analysis of forward path is AMBIGUOUS.
     AMBIGUOUS = 4;
 
     // The configuration analysis did not complete. Possible reasons are:
diff --git a/google/cloud/networkmanagement/v1beta1/trace.proto b/google/cloud/networkmanagement/v1beta1/trace.proto
@@ -52,6 +52,11 @@ message Trace {
   // network state machine. It is critical to preserve the order of the steps
   // and avoid reordering or sorting them.
   repeated Step steps = 2;
+
+  // ID of trace. For forward traces, this ID is unique for each trace. For
+  // return traces, it matches ID of associated forward trace. A single forward
+  // trace can be associated with none, one or more than one return trace.
+  int32 forward_trace_id = 4;
 }
 
 // A simulated forwarding path is composed of multiple steps.
@@ -101,6 +106,15 @@ message Step {
     // A CloudRunRevisionInfo is populated with starting revision information.
     START_FROM_CLOUD_RUN_REVISION = 26;
 
+    // Initial state: packet originating from a Storage Bucket. Used only for
+    // return traces.
+    // The storage_bucket information is populated.
+    START_FROM_STORAGE_BUCKET = 29;
+
+    // Initial state: packet originating from a published service that uses
+    // Private Service Connect. Used only for return traces.
+    START_FROM_PSC_PUBLISHED_SERVICE = 30;
+
     // Config checking state: verify ingress firewall rule.
     APPLY_INGRESS_FIREWALL_RULE = 4;
 
@@ -124,9 +138,13 @@ message Step {
     ARRIVE_AT_INSTANCE = 9;
 
     // Forwarding state: arriving at a Compute Engine internal load balancer.
+    // Deprecated in favor of the `ANALYZE_LOAD_BALANCER_BACKEND` state, not
+    // used in new tests.
     ARRIVE_AT_INTERNAL_LOAD_BALANCER = 10 [deprecated = true];
 
     // Forwarding state: arriving at a Compute Engine external load balancer.
+    // Deprecated in favor of the `ANALYZE_LOAD_BALANCER_BACKEND` state, not
+    // used in new tests.
     ARRIVE_AT_EXTERNAL_LOAD_BALANCER = 11 [deprecated = true];
 
     // Forwarding state: arriving at a Cloud VPN gateway.
@@ -336,6 +354,12 @@ message FirewallInfo {
     // For details, see [Regional network firewall
     // policies](https://cloud.google.com/firewall/docs/regional-firewall-policies).
     NETWORK_REGIONAL_FIREWALL_POLICY_RULE = 6;
+
+    // Tracking state for response traffic created when request traffic goes
+    // through allow firewall rule.
+    // For details, see [firewall rules
+    // specifications](https://cloud.google.com/firewall/docs/firewalls#specifications)
+    TRACKING_STATE = 101;
   }
 
   // The display name of the VPC firewall rule. This field is not applicable
