diff --git a/.release-please-manifest.json b/.release-please-manifest.json index f04dd047..a168b4d5 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "2.29.0" + ".": "2.30.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index a52c16fa..8db9a3a6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,13 @@ [1]: https://pypi.org/project/google-cloud-container/#history +## [2.30.0](https://github.com/googleapis/python-container/compare/v2.29.0...v2.30.0) (2023-08-11) + + +### Features + +* **v1beta1:** Add preview support for monitoring a cluster's pods for compliance with a provided Binary Authorization platform policy via Binary Authorization Continuous Validation ([#405](https://github.com/googleapis/python-container/issues/405)) ([c5806de](https://github.com/googleapis/python-container/commit/c5806de9c61b1c9855f1c9a5c3fac1ea343e1acc)) + ## [2.29.0](https://github.com/googleapis/python-container/compare/v2.28.0...v2.29.0) (2023-08-09) diff --git a/google/cloud/container/gapic_version.py b/google/cloud/container/gapic_version.py index 07483fa0..5ebb3bec 100644 --- a/google/cloud/container/gapic_version.py +++ b/google/cloud/container/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "2.29.0" # {x-release-please-version} +__version__ = "2.30.0" # {x-release-please-version} diff --git a/google/cloud/container_v1/gapic_version.py b/google/cloud/container_v1/gapic_version.py index 07483fa0..5ebb3bec 100644 --- a/google/cloud/container_v1/gapic_version.py +++ b/google/cloud/container_v1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "2.29.0" # {x-release-please-version} +__version__ = "2.30.0" # {x-release-please-version} diff --git a/google/cloud/container_v1beta1/gapic_version.py b/google/cloud/container_v1beta1/gapic_version.py index 07483fa0..5ebb3bec 100644 --- a/google/cloud/container_v1beta1/gapic_version.py +++ b/google/cloud/container_v1beta1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "2.29.0" # {x-release-please-version} +__version__ = "2.30.0" # {x-release-please-version} diff --git a/google/cloud/container_v1beta1/types/cluster_service.py b/google/cloud/container_v1beta1/types/cluster_service.py index 0cf6c798..e6e75f80 100644 --- a/google/cloud/container_v1beta1/types/cluster_service.py +++ b/google/cloud/container_v1beta1/types/cluster_service.py @@ -2558,6 +2558,9 @@ class BinaryAuthorization(proto.Message): Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED. + policy_bindings (MutableSequence[google.cloud.container_v1beta1.types.BinaryAuthorization.PolicyBinding]): + Optional. Binauthz policies that apply to + this cluster. """ class EvaluationMode(proto.Enum): @@ -2573,10 +2576,39 @@ class EvaluationMode(proto.Enum): BinaryAuthorization using the project's singleton policy. This is equivalent to setting the enabled boolean to true. + POLICY_BINDINGS (5): + Use Binary Authorization with the policies specified in + policy_bindings. + POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE (6): + Use Binary Authorization with the policies specified in + policy_bindings, and also with the project's singleton + policy in enforcement mode. """ EVALUATION_MODE_UNSPECIFIED = 0 DISABLED = 1 PROJECT_SINGLETON_POLICY_ENFORCE = 2 + POLICY_BINDINGS = 5 + POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE = 6 + + class PolicyBinding(proto.Message): + r"""Binauthz policy that applies to this cluster. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + The relative resource name of the binauthz platform policy + to audit. GKE platform policies have the following format: + ``projects/{project_number}/platforms/gke/policies/{policy_id}``. + + This field is a member of `oneof`_ ``_name``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + optional=True, + ) enabled: bool = proto.Field( proto.BOOL, @@ -2587,6 +2619,11 @@ class EvaluationMode(proto.Enum): number=2, enum=EvaluationMode, ) + policy_bindings: MutableSequence[PolicyBinding] = proto.RepeatedField( + proto.MESSAGE, + number=5, + message=PolicyBinding, + ) class PodSecurityPolicyConfig(proto.Message): diff --git a/samples/generated_samples/snippet_metadata_google.container.v1.json b/samples/generated_samples/snippet_metadata_google.container.v1.json index 9383e34f..66ab46d0 100644 --- a/samples/generated_samples/snippet_metadata_google.container.v1.json +++ b/samples/generated_samples/snippet_metadata_google.container.v1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-container", - "version": "2.29.0" + "version": "2.30.0" }, "snippets": [ { diff --git a/samples/generated_samples/snippet_metadata_google.container.v1beta1.json b/samples/generated_samples/snippet_metadata_google.container.v1beta1.json index 40466ef6..86367ed7 100644 --- a/samples/generated_samples/snippet_metadata_google.container.v1beta1.json +++ b/samples/generated_samples/snippet_metadata_google.container.v1beta1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-container", - "version": "2.29.0" + "version": "2.30.0" }, "snippets": [ {