RevisionSpec

RevisionSpec holds the desired state of the Revision (from the client).

JSON representation
{
  "container": {
    object (Container)
  },
  "concurrencyModel": string,
  "containerConcurrency": number,
  "timeoutSeconds": number,
  "servingState": enum (RevisionServingState),
  "generation": number,
  "serviceAccountName": string,
  "containers": [
    {
      object (Container)
    }
  ],
  "volumes": [
    {
      object (Volume)
    }
  ]
}
Fields
container
(deprecated)

object (Container)

Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md

concurrencyModel
(deprecated)

string

ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional

containerConcurrency

number

(Optional)

ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision.

Cloud Run fully managed: supported, defaults to 80

Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.

timeoutSeconds

number

TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run.

servingState
(deprecated)

enum (RevisionServingState)

ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load.

Populated by the system. Read-only.

generation
(deprecated)

number

Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state.

Read-only.

serviceAccountName

string

Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account.

containers[]

object (Container)

Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided.

volumes[]

object (Volume)

Container

A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.

JSON representation
{
  "name": string,
  "image": string,
  "command": [
    string
  ],
  "args": [
    string
  ],
  "env": [
    {
      object (EnvVar)
    }
  ],
  "resources": {
    object (ResourceRequirements)
  },
  "workingDir": string,
  "ports": [
    {
      object (ContainerPort)
    }
  ],
  "envFrom": [
    {
      object (EnvFromSource)
    }
  ],
  "volumeMounts": [
    {
      object (VolumeMount)
    }
  ],
  "volumeDevices": [
    {
      object (VolumeDevice)
    }
  ],
  "livenessProbe": {
    object (Probe)
  },
  "readinessProbe": {
    object (Probe)
  },
  "lifecycle": {
    object (Lifecycle)
  },
  "terminationMessagePath": string,
  "terminationMessagePolicy": string,
  "imagePullPolicy": string,
  "securityContext": {
    object (SecurityContext)
  },
  "stdin": boolean,
  "stdinOnce": boolean,
  "tty": boolean
}
Fields
name

string

Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated.

image

string

Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images

command[]

string

Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional

args[]

string

Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional

env[]

object (EnvVar)

List of environment variables to set in the container. Cannot be updated. +optional

resources

object (ResourceRequirements)

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional

workingDir

string

Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional

ports[]

object (ContainerPort)

List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional

envFrom[]

object (EnvFromSource)

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional

volumeMounts[]

object (VolumeMount)

Pod volumes to mount into the container's filesystem. Cannot be updated. +optional

volumeDevices[]

object (VolumeDevice)

volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional

livenessProbe

object (Probe)

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional

readinessProbe

object (Probe)

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional

lifecycle

object (Lifecycle)

Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional

terminationMessagePath

string

Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional

terminationMessagePolicy

string

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional

imagePullPolicy

string

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional

securityContext

object (SecurityContext)

Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional

stdin

boolean

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional

stdinOnce

boolean

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional

tty

boolean

Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional

EnvVar

EnvVar represents an environment variable present in a Container.

JSON representation
{
  "name": string,
  "value": string,
  "valueFrom": {
    object (EnvVarSource)
  }
}
Fields
name

string

Name of the environment variable. Must be a C_IDENTIFIER.

value

string

Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional

valueFrom

object (EnvVarSource)

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

Source for the environment variable's value. Cannot be used if value is not empty. +optional

EnvVarSource

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

EnvVarSource represents a source for the value of an EnvVar.

JSON representation
{
  "configMapKeyRef": {
    object (ConfigMapKeySelector)
  },
  "secretKeyRef": {
    object (SecretKeySelector)
  }
}
Fields
configMapKeyRef

object (ConfigMapKeySelector)

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

Selects a key of a ConfigMap. +optional

secretKeyRef

object (SecretKeySelector)

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

Selects a key of a secret in the pod's namespace +optional

ConfigMapKeySelector

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

Selects a key from a ConfigMap.

JSON representation
{
  "localObjectReference": {
    object (LocalObjectReference)
  },
  "key": string,
  "optional": boolean
}
Fields
localObjectReference

object (LocalObjectReference)

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

The ConfigMap to select from.

key

string

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

The key to select.

optional

boolean

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

Specify whether the ConfigMap or its key must be defined +optional

LocalObjectReference

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

JSON representation
{
  "name": string
}
Fields
name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

SecretKeySelector

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

SecretKeySelector selects a key of a Secret.

JSON representation
{
  "localObjectReference": {
    object (LocalObjectReference)
  },
  "key": string,
  "optional": boolean
}
Fields
localObjectReference

object (LocalObjectReference)

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

The name of the secret in the pod's namespace to select from.

key

string

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

The key of the secret to select from. Must be a valid secret key.

optional

boolean

Cloud Run fully managed: not supported

Cloud Run on GKE: supported

Specify whether the Secret or its key must be defined +optional

ResourceRequirements

ResourceRequirements describes the compute resource requirements.

JSON representation
{
  "limits": {
    string: string,
    ...
  },
  "requests": {
    string: string,
    ...
  },
  "limitsInMap": {
    string: {
      object(Quantity)
    },
    ...
  },
  "requestsInMap": {
    string: {
      object(Quantity)
    },
    ...
  }
}
Fields
limits

map (key: string, value: string)

Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

requests

map (key: string, value: string)

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

limitsInMap
(deprecated)

map (key: string, value: object (Quantity))

Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map<string, Quantity> limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

requestsInMap
(deprecated)

map (key: string, value: object (Quantity))

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map<string, Quantity> requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

ContainerPort

ContainerPort represents a network port in a single container.

JSON representation
{
  "name": string,
  "hostPort": number,
  "containerPort": number,
  "protocol": string,
  "hostIP": string
}
Fields
name

string

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional

hostPort

number

Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional

containerPort

number

Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.

protocol

string

Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional

hostIP

string

What host IP to bind the external port to. +optional

EnvFromSource

EnvFromSource represents the source of a set of ConfigMaps

JSON representation
{
  "prefix": string,
  "configMapRef": {
    object (ConfigMapEnvSource)
  },
  "secretRef": {
    object (SecretEnvSource)
  }
}
Fields
prefix

string

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional

configMapRef

object (ConfigMapEnvSource)

The ConfigMap to select from +optional

secretRef

object (SecretEnvSource)

The Secret to select from +optional

ConfigMapEnvSource

ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.

The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.

JSON representation
{
  "localObjectReference": {
    object (LocalObjectReference)
  },
  "optional": boolean
}
Fields
localObjectReference

object (LocalObjectReference)

The ConfigMap to select from.

optional

boolean

Specify whether the ConfigMap must be defined +optional

SecretEnvSource

SecretEnvSource selects a Secret to populate the environment variables with.

The contents of the target Secret's Data field will represent the key-value pairs as environment variables.

JSON representation
{
  "localObjectReference": {
    object (LocalObjectReference)
  },
  "optional": boolean
}
Fields
localObjectReference

object (LocalObjectReference)

The Secret to select from.

optional

boolean

Specify whether the Secret must be defined +optional

VolumeMount

VolumeMount describes a mounting of a Volume within a container.

JSON representation
{
  "name": string,
  "readOnly": boolean,
  "mountPath": string,
  "subPath": string,
  "mountPropagation": string
}
Fields
name

string

This must match the Name of a Volume.

readOnly

boolean

Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional

mountPath

string

Path within the container at which the volume should be mounted. Must not contain ':'.

subPath

string

Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional

mountPropagation

string

mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional

VolumeDevice

volumeDevice describes a mapping of a raw block device within a container.

JSON representation
{
  "name": string,
  "devicePath": string
}
Fields
name

string

name must match the name of a persistentVolumeClaim in the pod

devicePath

string

devicePath is the path inside of the container that the device will be mapped to.

Probe

Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.

JSON representation
{
  "handler": {
    object (Handler)
  },
  "initialDelaySeconds": number,
  "timeoutSeconds": number,
  "periodSeconds": number,
  "successThreshold": number,
  "failureThreshold": number
}
Fields
handler

object (Handler)

The action taken to determine the health of a container

initialDelaySeconds

number

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional

timeoutSeconds

number

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional

periodSeconds

number

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional

successThreshold

number

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional

failureThreshold

number

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional

Handler

Handler defines a specific action that should be taken

JSON representation
{
  "exec": {
    object (ExecAction)
  },
  "httpGet": {
    object (HTTPGetAction)
  },
  "tcpSocket": {
    object (TCPSocketAction)
  }
}
Fields
exec

object (ExecAction)

One and only one of the following should be specified. Exec specifies the action to take. +optional

httpGet

object (HTTPGetAction)

HTTPGet specifies the http request to perform. +optional

tcpSocket

object (TCPSocketAction)

TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported

ExecAction

ExecAction describes a "run in container" action.

JSON representation
{
  "command": string
}
Fields
command

string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional

HTTPGetAction

HTTPGetAction describes an action based on HTTP Get requests.

JSON representation
{
  "path": string,
  "port": {
    object (IntOrString)
  },
  "host": string,
  "scheme": string,
  "httpHeaders": [
    {
      object (HTTPHeader)
    }
  ]
}
Fields
path

string

Path to access on the HTTP server. +optional

port

object (IntOrString)

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP. +optional

httpHeaders[]

object (HTTPHeader)

Custom headers to set in the request. HTTP allows repeated headers. +optional

IntOrString

IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.

JSON representation
{
  "type": number,
  "intVal": number,
  "strVal": string
}
Fields
type

number

The type of the value.

intVal

number

The int value.

strVal

string

The string value.

HTTPHeader

HTTPHeader describes a custom header to be used in HTTP probes

JSON representation
{
  "name": string,
  "value": string
}
Fields
name

string

The header field name

value

string

The header field value

TCPSocketAction

TCPSocketAction describes an action based on opening a socket

JSON representation
{
  "port": {
    object (IntOrString)
  },
  "host": string
}
Fields
port

object (IntOrString)

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

host

string

Optional: Host name to connect to, defaults to the pod IP. +optional

Lifecycle

Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.

JSON representation
{
  "postStart": {
    object (Handler)
  },
  "preStop": {
    object (Handler)
  }
}
Fields
postStart

object (Handler)

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional

preStop

object (Handler)

PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional

SecurityContext

SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.

JSON representation
{
  "capabilities": {
    object (Capabilities)
  },
  "privileged": boolean,
  "seLinuxOptions": {
    object (SELinuxOptions)
  },
  "runAsUser": number,
  "runAsGroup": number,
  "runAsNonRoot": boolean,
  "readOnlyRootFilesystem": boolean,
  "allowPrivilegeEscalation": boolean
}
Fields
capabilities

object (Capabilities)

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional

seLinuxOptions

object (SELinuxOptions)

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional

runAsUser

number

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional

runAsGroup

number

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. +optional

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional

Capabilities

Adds and removes POSIX capabilities from running containers.

JSON representation
{
  "add": [
    string
  ],
  "drop": [
    string
  ]
}
Fields
add[]

string

Added capabilities +optional

drop[]

string

Removed capabilities +optional

SELinuxOptions

SELinuxOptions are the labels to be applied to the container

JSON representation
{
  "user": string,
  "role": string,
  "type": string,
  "level": string
}
Fields
user

string

User is a SELinux user label that applies to the container. +optional

role

string

Role is a SELinux role label that applies to the container. +optional

type

string

Type is a SELinux type label that applies to the container. +optional

level

string

Level is SELinux level label that applies to the container. +optional

RevisionServingState

RevisionServingStateType is an enumeration of the levels of serving readiness of the Revision. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting

Enums
REVISION_SERVING_STATE_UNSPECIFIED The revision serving state hasn't been specified.
ACTIVE The revision is ready to serve traffic.
RESERVE The revision is not currently serving traffic, but could be made to serve traffic quickly. Not currently used by Cloud Run.
RETIRED The revision has been decommissioned and is not needed to serve traffic anymore. A Revision may be brought out of retirement, but it may take longer than it would from a "Reserve" state.

Volume

Volume represents a named volume in a container.

JSON representation
{
  "name": string,
  "secret": {
    object (SecretVolumeSource)
  },
  "configMap": {
    object (ConfigMapVolumeSource)
  }
}
Fields
name

string

Volume's name.

secret

object (SecretVolumeSource)

configMap

object (ConfigMapVolumeSource)

SecretVolumeSource

The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.

JSON representation
{
  "secretName": string,
  "items": [
    {
      object (KeyToPath)
    }
  ],
  "defaultMode": number,
  "optional": boolean
}
Fields
secretName

string

Name of the secret in the container's namespace to use.

items[]

object (KeyToPath)

If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional.

defaultMode

number

Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

optional

boolean

Specify whether the Secret or its keys must be defined.

KeyToPath

Maps a string key to a path within a volume.

JSON representation
{
  "key": string,
  "path": string,
  "mode": number
}
Fields
key

string

The key to project.

path

string

The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

mode

number

Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional

ConfigMapVolumeSource

Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.

JSON representation
{
  "name": string,
  "items": [
    {
      object (KeyToPath)
    }
  ],
  "defaultMode": number,
  "optional": boolean
}
Fields
name

string

Name of the config.

items[]

object (KeyToPath)

If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional.

defaultMode

number

Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

optional

boolean

Specify whether the Secret or its keys must be defined.

Hai trovato utile questa pagina? Facci sapere cosa ne pensi:

Invia feedback per...