View Source API Reference google_api_run v0.30.0

API client metadata for GoogleApi.Run.V1.

API calls for all endpoints tagged Namespaces.

API calls for all endpoints tagged Projects.

Handle Tesla connections for GoogleApi.Run.V1.

Information for connecting over HTTP(s).

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

A domain that a user has been authorized to administer. To authorize use of a domain, verify ownership via Search Console.

Associates members, or principals, with a role.

Storage volume source using the Container Storage Interface.

Request message for cancelling an execution.

Not supported by Cloud Run. ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.

Not supported by Cloud Run.

Not supported by Cloud Run. Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths.

Configuration represents the "floating HEAD" of a linear history of Revisions, and optionally how the containers those revisions reference are built. Users create new Revisions by updating the Configuration's spec. The "latest created" revision's name is available under status, as is the "latest ready" revision's name.

ConfigurationSpec holds the desired state of the Configuration (from the client).

ConfigurationStatus communicates the observed state of the Configuration (from the controller).

A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime.

Per container override specification.

ContainerPort represents a network port in a single container.

Resource to hold the state and status of a user's domain mapping. NOTE: This resource is currently in Beta.

The desired state of the Domain Mapping.

The current state of the Domain Mapping.

A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

In memory (tmpfs) ephemeral storage. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs).

Not supported by Cloud Run. EnvFromSource represents the source of a set of ConfigMaps

EnvVar represents an environment variable present in a Container.

EnvVarSource represents a source for the value of an EnvVar.

Not supported by Cloud Run. ExecAction describes a "run in container" action.

Execution represents the configuration of a single execution. An execution is an immutable resource that references a container image which is run to completion.

Reference to an Execution. Use /Executions.GetExecution with the given name to get full execution including the latest status.

ExecutionSpec describes how the execution will look.

ExecutionStatus represents the current state of an Execution.

ExecutionTemplateSpec describes the metadata and spec an Execution should have when created from a job.

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

GRPCAction describes an action involving a GRPC port.

Conditions show the status of reconciliation progress on a given resource. Most resource use a top-level condition type "Ready" or "Completed" to show overall status with other conditions to checkpoint each stage of reconciliation. Note that if metadata.Generation does not equal status.ObservedGeneration, the conditions shown may not be relevant for the current spec.

ApprovalConfig describes configuration for manual approval of a build.

ApprovalResult describes the decision and associated metadata of a manual approval of a build.

Files in the workspace to upload to Cloud Storage upon successful completion of all build steps.

Artifacts produced by a build that should be uploaded upon successful completion of all build steps.

A build resource in the Cloud Build API. At a high level, a Build describes where to find source code, how to build it (for example, the builder image to run on the source), and where to store the built artifacts. Fields can include the following variables, which will be expanded when the build is created: - $PROJECT_ID: the project ID of the build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: the location/region of the build. - $BUILD_ID: the autogenerated ID of the build. - $REPO_NAME: the source repository name specified by RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the specified branch or tag. - $SHORT_SHA: first 7 characters of $REVISION_ID or $COMMIT_SHA.

BuildApproval describes a build's approval configuration, state, and result.

Metadata for build operations.

Optional arguments to enable specific features of builds.

A step in the build pipeline.

An image built by the pipeline.

Location of the source in a 2nd-gen Google Cloud Build repository resource.

A fatal problem encountered during the execution of the build.

Container message for hashes of byte content of files, used in SourceProvenance messages to verify integrity of source input to the build.

Location of the source in any accessible Git repository.

Container message for hash values.

Pairs a set of secret environment variables mapped to encrypted values with the Cloud KMS key to use to decrypt the value.

A Maven artifact to upload to Artifact Registry upon successful completion of all build steps.

Npm package to upload to Artifact Registry upon successful completion of all build steps.

Details about how a build should be executed on a WorkerPool. See running builds in a private pool for more information.

Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository.

Location of the source in a Google Cloud Source Repository.

Artifacts created by the build pipeline.

Pairs a set of secret environment variables containing encrypted values with the Cloud KMS key to use to decrypt the value. Note: Use kmsKeyName with available_secrets instead of using kmsKeyName with secret. For instructions see: https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials.

Pairs a secret environment variable with a SecretVersion in Secret Manager.

Secrets and secret environment variables.

Location of the source in a supported storage service.

Provenance of the source. Ways to find the original source, or verify that some source was used for this build.

Location of the source in an archive file in Cloud Storage.

Location of the source manifest in Cloud Storage. This feature is in Preview; see description here.

Start and end times for a build execution phase.

A Maven artifact uploaded using the MavenArtifact directive.

An npm package uploaded to Artifact Registry using the NpmPackage directive.

Artifact uploaded using the PythonPackage directive.

Volume describes a Docker container volume which is mounted into build steps in order to persist files across build step execution.

A non-fatal problem encountered during the execution of the build.

The response message for Operations.ListOperations.

This resource represents a long-running operation that is the result of a network API call.

The request message for Operations.WaitOperation.

The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.

HTTPGetAction describes an action based on HTTP Get requests.

HTTPHeader describes a custom header to be used in HTTP probes

Job represents the configuration of a single job, which references a container image which is run to completion.

JobSpec describes how the job will look.

JobStatus represents the current state of a Job.

Maps a string key to a path within a volume.

A list of Authorized Domains.

ListConfigurationsResponse is a list of Configuration resources.

ListDomainMappingsResponse is a list of DomainMapping resources.

ListExecutionsResponse is a list of Executions resources.

ListJobsResponse is a list of Jobs resources.

The response message for Locations.ListLocations.

Metadata for synthetic resources like List. In Cloud Run, all List Resources Responses will have a ListMeta instead of ObjectMeta.

ListRevisionsResponse is a list of Revision resources.

ListRoutesResponse is a list of Route resources.

A list of Service resources.

ListTasksResponse is a list of Tasks resources.

Not supported by Cloud Run. LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

A resource that represents a Google Cloud location.

Represents a persistent volume that will be mounted using NFS. This volume will be shared between all instances of the resource and data will not be deleted when the instance is shut down.

google.cloud.run.meta.v1.ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

RunJob Overrides that contains Execution fields to be overridden on the go.

This is not supported or used by Cloud Run.

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the IAM documentation.

Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.

A DNS resource record.

ResourceRequirements describes the compute resource requirements.

Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. See also: https://github.com/knative/specs/blob/main/specs/serving/overview.md#revision

RevisionSpec holds the desired state of the Revision (from the client).

RevisionStatus communicates the observed state of the Revision (from the controller).

RevisionTemplateSpec describes the data a revision should have when created from a template.

Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready" revision changes, and smoothly rolling out latest revisions. Cloud Run currently supports referencing a single Configuration to automatically deploy the "latest ready" Revision from that Configuration.

RouteSpec holds the desired state of the Route (from the client).

RouteStatus communicates the observed state of the Route (from the controller).

Request message for creating a new execution of a job.

Not supported by Cloud Run. SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables.

SecretKeySelector selects a key of a Secret.

A volume representing a secret stored in Google Secret Manager. The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names.

Not supported by Cloud Run. SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.

Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own.

ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s).

The current state of the Service. Output only.

Request message for SetIamPolicy method.

Status is a return value for calls that don't return other objects.

StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.

StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.

TCPSocketAction describes an action based on opening a socket

Task represents a single run of a container to completion.

Result of a task attempt.

TaskSpec is a description of a task.

TaskStatus represents the status of a task.

TaskTemplateSpec describes the data a task should have when created from a template.

Request message for TestIamPermissions method.

Response message for TestIamPermissions method.

TrafficTarget holds a single entry of the routing table for a Route.

Volume represents a named volume in a container.

VolumeMount describes a mounting of a Volume within a container.

API client metadata for GoogleApi.Run.V2.

API calls for all endpoints tagged Projects.

Handle Tesla connections for GoogleApi.Run.V2.

Settings for Binary Authorization feature.

Request message for deleting an Execution.

Represents a set of Cloud SQL instances. Each one will be available under /cloudsql/[instance]. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run.

Defines a status condition for a resource.

A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments can be supplied by the system to the container at runtime.

Per-container override specification.

ContainerPort represents a network port in a single container.

In memory (tmpfs) ephemeral storage. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs).

EnvVar represents an environment variable present in a Container.

EnvVarSource represents a source for the value of an EnvVar.

Execution represents the configuration of a single execution. A execution an immutable resource that references a container image which is run to completion.

Reference to an Execution. Use /Executions.GetExecution with the given name to get full execution including the latest status.

ExecutionTemplate describes the data an execution should have when created from a template.

Request message for exporting Cloud Run image.

ExportImageResponse contains an operation Id to track the image export operation.

ExportStatusResponse contains the status of image export operation, with the status of each image export job.

Represents a volume backed by a Cloud Storage bucket using Cloud Storage FUSE.

GRPCAction describes an action involving a GRPC port.

HTTPGetAction describes an action based on HTTP Get requests.

HTTPHeader describes a custom header to be used in HTTP probes

The status of an image export job.

Job represents the configuration of a single job, which references a container image that is run to completion.

Response message containing a list of Executions.

Response message containing a list of Jobs.

Response message containing a list of Revisions.

Response message containing a list of Services.

Response message containing a list of Tasks.

Metadata represents the JSON encoded generated customer metadata.

Represents an NFS mount.

Direct VPC egress settings.

RunJob Overrides that contains Execution fields to be overridden.

Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.

ResourceRequirements describes the compute resource requirements.

A Revision is an immutable snapshot of code and configuration. A Revision references a container image. Revisions are only created by updates to its parent Service.

Settings for revision-level scaling settings.

Effective settings for the current revision

RevisionTemplate describes the data a revision should have when created from a template.

Request message to create a new Execution of a Job.

SecretEnvVarSource represents a source for the value of an EnvVar.

The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret.

Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership.

Scaling settings applied at the service level rather than at the revision level.

TCPSocketAction describes an action based on opening a socket

Task represents a single run of a container to completion.

Result of a task attempt.

TaskTemplate describes the data a task should have when created from a template.

Holds a single traffic routing entry for the Service. Allocations can be done to a specific Revision name, or pointing to the latest Ready Revision.

Represents the observed state of a single TrafficTarget entry.

VersionToPath maps a specific version of a secret to a relative file to mount to, relative to VolumeMount's mount_path.

Volume represents a named volume in a container.

VolumeMount describes a mounting of a Volume within a container.

VPC Access settings. For more information on sending traffic to a VPC network, visit https://cloud.google.com/run/docs/configuring/connecting-vpc.

ApprovalConfig describes configuration for manual approval of a build.

ApprovalResult describes the decision and associated metadata of a manual approval of a build.

Files in the workspace to upload to Cloud Storage upon successful completion of all build steps.

Artifacts produced by a build that should be uploaded upon successful completion of all build steps.

A build resource in the Cloud Build API. At a high level, a Build describes where to find source code, how to build it (for example, the builder image to run on the source), and where to store the built artifacts. Fields can include the following variables, which will be expanded when the build is created: - $PROJECT_ID: the project ID of the build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: the location/region of the build. - $BUILD_ID: the autogenerated ID of the build. - $REPO_NAME: the source repository name specified by RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the specified branch or tag. - $SHORT_SHA: first 7 characters of $REVISION_ID or $COMMIT_SHA.

BuildApproval describes a build's approval configuration, state, and result.

Metadata for build operations.

Optional arguments to enable specific features of builds.

A step in the build pipeline.

An image built by the pipeline.

Location of the source in a 2nd-gen Google Cloud Build repository resource.

A fatal problem encountered during the execution of the build.

Container message for hashes of byte content of files, used in SourceProvenance messages to verify integrity of source input to the build.

Location of the source in any accessible Git repository.

Container message for hash values.

Pairs a set of secret environment variables mapped to encrypted values with the Cloud KMS key to use to decrypt the value.

A Maven artifact to upload to Artifact Registry upon successful completion of all build steps.

Npm package to upload to Artifact Registry upon successful completion of all build steps.

Details about how a build should be executed on a WorkerPool. See running builds in a private pool for more information.

Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository.

Location of the source in a Google Cloud Source Repository.

Artifacts created by the build pipeline.

Pairs a set of secret environment variables containing encrypted values with the Cloud KMS key to use to decrypt the value. Note: Use kmsKeyName with available_secrets instead of using kmsKeyName with secret. For instructions see: https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials.

Pairs a secret environment variable with a SecretVersion in Secret Manager.

Secrets and secret environment variables.

Location of the source in a supported storage service.

Provenance of the source. Ways to find the original source, or verify that some source was used for this build.

Location of the source in an archive file in Cloud Storage.

Location of the source manifest in Cloud Storage. This feature is in Preview; see description here.

Start and end times for a build execution phase.

A Maven artifact uploaded using the MavenArtifact directive.

An npm package uploaded to Artifact Registry using the NpmPackage directive.

Artifact uploaded using the PythonPackage directive.

Volume describes a Docker container volume which is mounted into build steps in order to persist files across build step execution.

A non-fatal problem encountered during the execution of the build.

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

Associates members, or principals, with a role.

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the IAM documentation.

Request message for SetIamPolicy method.

Request message for TestIamPermissions method.

Response message for TestIamPermissions method.

The response message for Operations.ListOperations.

This resource represents a long-running operation that is the result of a network API call.

The request message for Operations.WaitOperation.

A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

This is proto2's version of MessageSet.

Wire-format for a Status object