docs(google-cloud-batch): refine proto comment for run_as_non_root (googleapis#24837)

gcf-owl-bot[bot] · web-flow · commit 28a9433bf65f · 2024-02-21T22:07:13.000+05:30
diff --git a/google-cloud-batch-v1/README.md b/google-cloud-batch-v1/README.md
@@ -1,6 +1,6 @@
 # Ruby Client for the Batch V1 API
 
-An API to manage the running of batch jobs on Google Cloud Platform.
+An API to manage the running of batch resources on Google Cloud Platform.
 
 Google Cloud Batch is a fully managed service used by scientists, VFX artists, developers to easily and efficiently run batch workloads on Google Cloud. This service manages provisioning of resources to satisfy the requirements of the batch jobs for a variety of workloads including ML, HPC, VFX rendering, transcoding, genomics and others.
 
diff --git a/google-cloud-batch-v1/google-cloud-batch-v1.gemspec b/google-cloud-batch-v1/google-cloud-batch-v1.gemspec
@@ -10,7 +10,7 @@ Gem::Specification.new do |gem|
   gem.authors       = ["Google LLC"]
   gem.email         = "googleapis-packages@google.com"
   gem.description   = "Google Cloud Batch is a fully managed service used by scientists, VFX artists, developers to easily and efficiently run batch workloads on Google Cloud. This service manages provisioning of resources to satisfy the requirements of the batch jobs for a variety of workloads including ML, HPC, VFX rendering, transcoding, genomics and others. Note that google-cloud-batch-v1 is a version-specific client library. For most uses, we recommend installing the main client library google-cloud-batch instead. See the readme for more details."
-  gem.summary       = "An API to manage the running of batch jobs on Google Cloud Platform."
+  gem.summary       = "An API to manage the running of batch resources on Google Cloud Platform."
   gem.homepage      = "https://github.com/googleapis/google-cloud-ruby"
   gem.license       = "Apache-2.0"
 
diff --git a/google-cloud-batch-v1/proto_docs/google/cloud/batch/v1/job.rb b/google-cloud-batch-v1/proto_docs/google/cloud/batch/v1/job.rb
@@ -653,17 +653,18 @@ module ProvisioningModel
         #   @return [::Boolean]
         #     When true, Batch will populate a file with a list of all VMs assigned to
         #     the TaskGroup and set the BATCH_HOSTS_FILE environment variable to the path
-        #     of that file. Defaults to false.
+        #     of that file. Defaults to false. The host file supports up to 1000 VMs.
         # @!attribute [rw] permissive_ssh
         #   @return [::Boolean]
         #     When true, Batch will configure SSH to allow passwordless login between
         #     VMs running the Batch tasks in the same TaskGroup.
         # @!attribute [rw] run_as_non_root
         #   @return [::Boolean]
-        #     Optional. If not set or set to false, Batch will use root user to execute
-        #     runnables. If set to true, Batch will make sure to run the runnables using
-        #     non-root user. Currently, the non-root user Batch used is generated by OS
-        #     login. Reference: https://cloud.google.com/compute/docs/oslogin
+        #     Optional. If not set or set to false, Batch uses the root user to execute
+        #     runnables. If set to true, Batch runs the runnables using a non-root user.
+        #     Currently, the non-root user Batch used is generated by OS Login. For more
+        #     information, see [About OS
+        #     Login](https://cloud.google.com/compute/docs/oslogin).
         class TaskGroup
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
diff --git a/google-cloud-batch-v1/proto_docs/google/cloud/batch/v1/task.rb b/google-cloud-batch-v1/proto_docs/google/cloud/batch/v1/task.rb
@@ -229,14 +229,39 @@ class Runnable
           #     `container.options` field.
           # @!attribute [rw] username
           #   @return [::String]
-          #     Optional username for logging in to a docker registry. If username
-          #     matches `projects/*/secrets/*/versions/*` then Batch will read the
-          #     username from the Secret Manager.
+          #     Required if the container image is from a private Docker registry. The
+          #     username to login to the Docker registry that contains the image.
+          #
+          #     You can either specify the username directly by using plain text or
+          #     specify an encrypted username by using a Secret Manager secret:
+          #     `projects/*/secrets/*/versions/*`. However, using a secret is
+          #     recommended for enhanced security.
+          #
+          #     Caution: If you specify the username using plain text, you risk the
+          #     username being exposed to any users who can view the job or its logs.
+          #     To avoid this risk, specify a secret that contains the username instead.
+          #
+          #     Learn more about [Secret
+          #     Manager](https://cloud.google.com/secret-manager/docs/) and [using
+          #     Secret Manager with
+          #     Batch](https://cloud.google.com/batch/docs/create-run-job-secret-manager).
           # @!attribute [rw] password
           #   @return [::String]
-          #     Optional password for logging in to a docker registry. If password
-          #     matches `projects/*/secrets/*/versions/*` then Batch will read the
-          #     password from the Secret Manager;
+          #     Required if the container image is from a private Docker registry. The
+          #     password to login to the Docker registry that contains the image.
+          #
+          #     For security, it is strongly recommended to specify an
+          #     encrypted password by using a Secret Manager secret:
+          #     `projects/*/secrets/*/versions/*`.
+          #
+          #     Warning: If you specify the password using plain text, you risk the
+          #     password being exposed to any users who can view the job or its logs.
+          #     To avoid this risk, specify a secret that contains the password instead.
+          #
+          #     Learn more about [Secret
+          #     Manager](https://cloud.google.com/secret-manager/docs/) and [using
+          #     Secret Manager with
+          #     Batch](https://cloud.google.com/batch/docs/create-run-job-secret-manager).
           # @!attribute [rw] enable_image_streaming
           #   @return [::Boolean]
           #     Optional. If set to true, this container runnable uses Image streaming.
@@ -271,7 +296,7 @@ class Container
           #     first line of the file.(For example, to execute the script using bash,
           #     `#!/bin/bash` should be the first line of the file. To execute the
           #     script using`Python3`, `#!/usr/bin/env python3` should be the first
-          #     line of the file.) Otherwise, the file will by default be excuted by
+          #     line of the file.) Otherwise, the file will by default be executed by
           #     `/bin/sh`.
           # @!attribute [rw] text
           #   @return [::String]
@@ -281,7 +306,7 @@ class Container
           #     beginning of the text.(For example, to execute the script using bash,
           #     `#!/bin/bash\n` should be added. To execute the script using`Python3`,
           #     `#!/usr/bin/env python3\n` should be added.) Otherwise, the script will
-          #     by default be excuted by `/bin/sh`.
+          #     by default be executed by `/bin/sh`.
           class Script
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
