# UpdateRepository updates a repository configuration

UpdateRepository updates a repository configuration.

Endpoint: PUT /gitops/api/v1/agents/{agentIdentifier}/repositories/{identifier}
Version: 1.0
Security: x-api-key

## Path parameters:

  - `agentIdentifier` (string, required)
    Agent identifier for entity.

  - `identifier` (string, required)

## Query parameters:

  - `accountIdentifier` (string)
    Account Identifier for the Entity.

  - `orgIdentifier` (string)
    Organization Identifier for the Entity.

  - `projectIdentifier` (string)
    Project Identifier for the Entity.

## Request fields (application/json):

  - `repo` (object)

  - `repo.repo` (string)

  - `repo.username` (string)

  - `repo.password` (string)

  - `repo.sshPrivateKey` (string)
    SSHPrivateKey contains the PEM data for authenticating at the repo server. Only used with Git repos.

  - `repo.connectionState` (object)

  - `repo.connectionState.status` (string)

  - `repo.connectionState.message` (string)

  - `repo.connectionState.attemptedAt` (object)
    Time is a wrapper around time.Time which supports correct
marshaling to YAML and JSON.  Wrappers are provided for many
of the factory methods that the time package offers.

+protobuf.options.marshal=false
+protobuf.as=Timestamp
+protobuf.options.(gogoproto.goproto_stringer)=false

  - `repo.connectionState.attemptedAt.seconds` (string)
    Represents seconds of UTC time since Unix epoch
1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
9999-12-31T23:59:59Z inclusive.

  - `repo.connectionState.attemptedAt.nanos` (integer)
    Non-negative fractions of a second at nanosecond resolution. Negative
second values with fractions must still have non-negative nanos values
that count forward in time. Must be from 0 to 999,999,999
inclusive. This field may be limited in precision depending on context.

  - `repo.connectionState.attemptedAtTs` (string)

  - `repo.insecureIgnoreHostKey` (boolean)

  - `repo.insecure` (boolean)

  - `repo.enableLfs` (boolean)
    EnableLFS specifies whether git-lfs support should be enabled for this repo. Only valid for Git repositories.

  - `repo.tlsClientCertData` (string)

  - `repo.tlsClientCertKey` (string)

  - `repo.type` (string)
    Type specifies the type of the repo. Can be either "git" or "helm. "git" is assumed if empty or absent.

  - `repo.name` (string)

  - `repo.inheritedCreds` (boolean)

  - `repo.enableOCI` (boolean)

  - `repo.githubAppPrivateKey` (string)

  - `repo.githubAppID` (string)

  - `repo.githubAppInstallationID` (string)

  - `repo.githubAppEnterpriseBaseUrl` (string)

  - `repo.proxy` (string)

  - `repo.project` (string)

  - `repo.connectionType` (string)

  - `repo.forceHttpBasicAuth` (boolean)

  - `repo.noProxy` (string)

  - `repo.useAzureWorkloadIdentity` (boolean)

  - `repo.bearerToken` (string)

  - `repo.insecureOCIForceHttp` (boolean)
    InsecureOCIForceHttp specifies whether the connection to the repository uses TLS at _all_. If true, no TLS. This flag is applicable for OCI repos only.

  - `repo.depth` (string)
    Depth specifies the depth for shallow clones. A value of 0 or omitting the field indicates a full clone.

  - `updateMask` (object)
    paths: "f.a"
    paths: "f.b.d"

Here f represents a field in some root message, a and b
fields in the message found in f, and d a field found in the
message in f.b.

Field masks are used to specify a subset of fields that should be
returned by a get operation or modified by an update operation.
Field masks also have a custom JSON encoding (see below).

# Field Masks in Projections

When used in the context of a projection, a response message or
sub-message is filtered by the API to only contain those fields as
specified in the mask. For example, if the mask in the previous
example is applied to a response message as follows:

    f {
      a : 22
      b {
        d : 1
        x : 2
      }
      y : 13
    }
    z: 8

The result will not contain specific values for fields x,y and z
(their value will be set to the default, and omitted in proto text
output):


    f {
      a : 22
      b {
        d : 1
      }
    }

A repeated field is not allowed except at the last position of a
paths string.

If a FieldMask object is not present in a get operation, the
operation applies to all fields (as if a FieldMask of all fields
had been specified).

Note that a field mask does not necessarily apply to the
top-level response message. In case of a REST get operation, the
field mask applies directly to the response, but in case of a REST
list operation, the mask instead applies to each individual message
in the returned resource list. In case of a REST custom method,
other definitions may be used. Where the mask applies will be
clearly documented together with its declaration in the API.  In
any case, the effect on the returned resource/resources is required
behavior for APIs.

# Field Masks in Update Operations

A field mask in update operations specifies which fields of the
targeted resource are going to be updated. The API is required
to only change the values of the fields as specified in the mask
and leave the others untouched. If a resource is passed in to
describe the updated values, the API ignores the values of all
fields not covered by the mask.

If a repeated field is specified for an update operation, new values will
be appended to the existing repeated field in the target resource. Note that
a repeated field is only allowed in the last position of a paths string.

If a sub-message is specified in the last position of the field mask for an
update operation, then new value will be merged into the existing sub-message
in the target resource.

For example, given the target message:

    f {
      b {
        d: 1
        x: 2
      }
      c: [1]
    }

And an update message:

    f {
      b {
        d: 10
      }
      c: [2]
    }

then if the field mask is:

 paths: ["f.b", "f.c"]

then the result will be:

    f {
      b {
        d: 10
        x: 2
      }
      c: [1, 2]
    }

An implementation may provide options to override this default behavior for
repeated and message fields.

In order to reset a field's value to the default, the field must
be in the mask and set to the default value in the provided resource.
Hence, in order to reset all fields of a resource, provide a default
instance of the resource and set all fields in the mask, or do
not provide a mask as described below.

If a field mask is not present on update, the operation applies to
all fields (as if a field mask of all fields has been specified).
Note that in the presence of schema evolution, this may mean that
fields the client does not know and has therefore not filled into
the request will be reset to their default. If this is unwanted
behavior, a specific service may require a client to always specify
a field mask, producing an error if not.

As with get operations, the location of the resource which
describes the updated values in the request message depends on the
operation kind. In any case, the effect of the field mask is
required to be honored by the API.

## Considerations for HTTP REST

The HTTP kind of an update operation which uses a field mask must
be set to PATCH instead of PUT in order to satisfy HTTP semantics
(PUT must only be used for full updates).

# JSON Encoding of Field Masks

In JSON, a field mask is encoded as a single string where paths are
separated by a comma. Fields name in each path are converted
to/from lower-camel naming conventions.

As an example, consider the following message declarations:

    message Profile {
      User user = 1;
      Photo photo = 2;
    }
    message User {
      string display_name = 1;
      string address = 2;
    }

In proto a field mask for Profile may look as such:

    mask {
      paths: "user.display_name"
      paths: "photo"
    }

In JSON, the same mask is represented as below:

    {
      mask: "user.displayName,photo"
    }

# Field Masks and Oneof Fields

Field masks treat fields in oneofs just as regular fields. Consider the
following message:

    message SampleMessage {
      oneof test_oneof {
        string name = 4;
        SubMessage sub_message = 9;
      }
    }

The field mask can be:

    mask {
      paths: "name"
    }

Or:

    mask {
      paths: "sub_message"
    }

Note that oneof type names ("test_oneof" in this case) cannot be used in
paths.

## Field Mask Verification

The implementation of any API method which has a FieldMask type field in the
request should verify the included field paths, and return an
INVALID_ARGUMENT error if any path is unmappable.

  - `updateMask.paths` (array)
    The set of field mask paths.

  - `genType` (string)
    Enum: "UNSET", "AWS_ECR", "GOOGLE_GCR"

  - `ecrGen` (object)
    ECRAuthorizationTokenSpec represents externalSecret for ECR External Secret Operator generator.

  - `ecrGen.region` (string)

  - `ecrGen.secretRef` (object)

  - `ecrGen.secretRef.awsAccessKeyID` (string)

  - `ecrGen.secretRef.awsSecretAccessKey` (string)

  - `ecrGen.secretRef.awsSessionToken` (string)

  - `ecrGen.jwtAuth` (object)

  - `ecrGen.jwtAuth.name` (string)

  - `ecrGen.jwtAuth.namespace` (string)

  - `ecrGen.jwtAuth.audiences` (array)

  - `ecrGen.role` (string)

  - `gcrGen` (object)

  - `gcrGen.projectID` (string)

  - `gcrGen.accessKey` (string)

  - `gcrGen.workloadIdentity` (object)

  - `gcrGen.workloadIdentity.serviceAccountRef` (object)

  - `gcrGen.workloadIdentity.clusterLocation` (string)

  - `gcrGen.workloadIdentity.clusterName` (string)

  - `gcrGen.workloadIdentity.clusterProjectID` (string)

  - `refreshInterval` (string)
    refreshInterval in format 1s, 1m, 1h...

## Response 200 fields (application/json):

  - `accountIdentifier` (string)
    Account Identifier for the Entity.

  - `orgIdentifier` (string)
    Organization Identifier for the Entity.

  - `projectIdentifier` (string)
    Project Identifier for the Entity.

  - `agentIdentifier` (string)
    Agent identifier for entity.

  - `identifier` (string)

  - `repository` (object)

  - `createdAt` (string)

  - `lastModifiedAt` (string)

  - `stale` (boolean)

  - `repositoryCredentialsId` (string)

## Response default fields (application/json):

  - `error` (string)

  - `code` (integer)

  - `message` (string)

  - `details` (array)

  - `details.type_url` (string)
    A URL/resource name that uniquely identifies the type of the serialized
protocol buffer message. This string must contain at least
one "/" character. The last segment of the URL's path must represent
the fully qualified name of the type (as in
path/google.protobuf.Duration). The name should be in a canonical form
(e.g., leading "." is not accepted).

In practice, teams usually precompile into the binary all types that they
expect it to use in the context of Any. However, for URLs which use the
scheme http, https, or no scheme, one can optionally set up a type
server that maps type URLs to message definitions as follows:

* If no scheme is provided, https is assumed.
* An HTTP GET on the URL must yield a [google.protobuf.Type][]
  value in binary format, or produce an error.
* Applications are allowed to cache lookup results based on the
  URL, or have them precompiled into a binary to avoid any
  lookup. Therefore, binary compatibility needs to be preserved
  on changes to types. (Use versioned type names to manage
  breaking changes.)

Note: this functionality is not currently available in the official
protobuf release, and it is not used for type URLs beginning with
type.googleapis.com.

Schemes other than http, https (or the empty scheme) might be
used with implementation specific semantics.

  - `details.value` (string)
    Must be a valid serialized protocol buffer of the above specified type.


