From 0776a9b39bceedc09f37af09ec35bdb181df2019 Mon Sep 17 00:00:00 2001 From: Marcos Date: Wed, 19 Dec 2018 15:12:32 -0300 Subject: [PATCH] Prevent to change Server's trust domain (#644) * validate trust domain when starting server to prevent changes in trust domains Signed-off-by: Marcos Yacob --- pkg/server/plugin/datastore/sql/sql.go | 86 ++++- pkg/server/plugin/datastore/sql/sql_test.go | 381 +++++++++++++++++++ pkg/server/server.go | 68 +++- pkg/server/server_test.go | 122 +++++- proto/server/datastore/README_pb.md | 21 ++ proto/server/datastore/datastore.pb.go | 387 ++++++++++++-------- proto/server/datastore/datastore.proto | 9 + test/fakes/fakedatastore/fakedatastore.go | 44 ++- 8 files changed, 953 insertions(+), 165 deletions(-) diff --git a/pkg/server/plugin/datastore/sql/sql.go b/pkg/server/plugin/datastore/sql/sql.go index 6b508c99b5..e8fa21700c 100644 --- a/pkg/server/plugin/datastore/sql/sql.go +++ b/pkg/server/plugin/datastore/sql/sql.go @@ -5,6 +5,7 @@ import ( "context" "errors" "fmt" + "strconv" "strings" "sync" "time" @@ -13,7 +14,7 @@ import ( "github.com/hashicorp/hcl" "github.com/jinzhu/gorm" _ "github.com/jinzhu/gorm/dialects/sqlite" - "github.com/satori/go.uuid" + uuid "github.com/satori/go.uuid" "github.com/spiffe/spire/pkg/common/bundleutil" "github.com/spiffe/spire/pkg/common/idutil" "github.com/spiffe/spire/pkg/common/selector" @@ -646,6 +647,16 @@ func fetchAttestedNode(tx *gorm.DB, req *datastore.FetchAttestedNodeRequest) (*d } func listAttestedNodes(tx *gorm.DB, req *datastore.ListAttestedNodesRequest) (*datastore.ListAttestedNodesResponse, error) { + p := req.Pagination + var err error + if p != nil && p.PageSize > 0 { + tx, err = applyPagination(p, tx) + + if err != nil { + return nil, err + } + } + if req.ByExpiresBefore != nil { tx = tx.Where("expires_at < ?", time.Unix(req.ByExpiresBefore.Value, 0)) } @@ -655,8 +666,14 @@ func listAttestedNodes(tx *gorm.DB, req *datastore.ListAttestedNodesRequest) (*d return nil, sqlError.Wrap(err) } + if p != nil && p.PageSize > 0 && len(models) > 0 { + lastEntry := models[len(models)-1] + p.Token = fmt.Sprint(lastEntry.ID) + } + resp := &datastore.ListAttestedNodesResponse{ - Nodes: make([]*datastore.AttestedNode, 0, len(models)), + Nodes: make([]*datastore.AttestedNode, 0, len(models)), + Pagination: p, } for _, model := range models { @@ -822,6 +839,8 @@ func fetchRegistrationEntry(tx *gorm.DB, func listRegistrationEntries(tx *gorm.DB, req *datastore.ListRegistrationEntriesRequest) (*datastore.ListRegistrationEntriesResponse, error) { + var p *datastore.Pagination + var err error // list of selector sets to match against var selectorsList [][]*common.Selector @@ -851,7 +870,8 @@ func listRegistrationEntries(tx *gorm.DB, if len(selectorsList) == 0 { // no selectors to filter against. var entries []RegisteredEntry - if err := entryTx.Find(&entries).Error; err != nil { + entries, p, err = findRegisteredEntries(entryTx, req.Pagination) + if err != nil { return nil, sqlError.Wrap(err) } @@ -861,7 +881,8 @@ func listRegistrationEntries(tx *gorm.DB, } return &datastore.ListRegistrationEntriesResponse{ - Entries: respEntries, + Entries: respEntries, + Pagination: p, }, nil } @@ -892,9 +913,11 @@ func listRegistrationEntries(tx *gorm.DB, // fetch the entries in the id set, filtered by any parent/spiffe id filters // applied globally + db := entryTx.Where(entryIDs) var models []RegisteredEntry - if err := entryTx.Where(entryIDs).Find(&models).Error; err != nil { - return nil, sqlError.Wrap(err) + models, p, err = findRegisteredEntries(db, req.Pagination) + if err != nil { + return nil, err } for _, model := range models { @@ -919,10 +942,59 @@ func listRegistrationEntries(tx *gorm.DB, } return &datastore.ListRegistrationEntriesResponse{ - Entries: entries, + Entries: entries, + Pagination: p, }, nil } +// applyPagination add order limit and token to current query +func applyPagination(p *datastore.Pagination, entryTx *gorm.DB) (*gorm.DB, error) { + if p.Token == "" { + p.Token = "0" + } + + id, err := strconv.ParseUint(p.Token, 10, 32) + if err != nil { + return nil, fmt.Errorf("could not parse token '%v'", p.Token) + } + return entryTx.Order("id asc").Limit(p.PageSize).Where("id > ?", id), nil +} + +// update pagination token based in last result in returned list +func updatePaginationToken(p *datastore.Pagination, entries []RegisteredEntry) { + if len(entries) == 0 { + return + } + lastEntry := (entries)[len(entries)-1] + p.Token = fmt.Sprint(lastEntry.ID) +} + +// find registered entries using pagination in case it is configured +func findRegisteredEntries(entryTx *gorm.DB, p *datastore.Pagination) ([]RegisteredEntry, *datastore.Pagination, error) { + var entries []RegisteredEntry + var err error + + // if pagination is not nil and page size is greater than 0, add pagination + if p != nil && p.PageSize > 0 { + entryTx, err = applyPagination(p, entryTx) + + if err != nil { + return nil, nil, err + } + } + + // find by results + if err := entryTx.Find(&entries).Error; err != nil { + return nil, nil, sqlError.Wrap(err) + } + + if p != nil && p.PageSize > 0 { + updatePaginationToken(p, entries) + } + + return entries, p, nil +} + func updateRegistrationEntry(tx *gorm.DB, req *datastore.UpdateRegistrationEntryRequest) (*datastore.UpdateRegistrationEntryResponse, error) { diff --git a/pkg/server/plugin/datastore/sql/sql_test.go b/pkg/server/plugin/datastore/sql/sql_test.go index ab139903c1..ed66bbdad2 100644 --- a/pkg/server/plugin/datastore/sql/sql_test.go +++ b/pkg/server/plugin/datastore/sql/sql_test.go @@ -244,6 +244,188 @@ func (s *PluginSuite) TestFetchStaleNodes() { s.Equal([]*datastore.AttestedNode{epast}, sresp.Nodes) } +func (s *PluginSuite) TestFetchAttestedNodesWithPagination() { + // Create all necessary nodes + aNode1 := &datastore.AttestedNode{ + SpiffeId: "node1", + AttestationDataType: "aws-tag", + CertSerialNumber: "badcafe", + CertNotAfter: time.Now().Add(-time.Hour).Unix(), + } + + aNode2 := &datastore.AttestedNode{ + SpiffeId: "node2", + AttestationDataType: "aws-tag", + CertSerialNumber: "deadbeef", + CertNotAfter: time.Now().Add(time.Hour).Unix(), + } + + aNode3 := &datastore.AttestedNode{ + SpiffeId: "node3", + AttestationDataType: "aws-tag", + CertSerialNumber: "badcafe", + CertNotAfter: time.Now().Add(-time.Hour).Unix(), + } + + aNode4 := &datastore.AttestedNode{ + SpiffeId: "node4", + AttestationDataType: "aws-tag", + CertSerialNumber: "badcafe", + CertNotAfter: time.Now().Add(-time.Hour).Unix(), + } + + _, err := s.ds.CreateAttestedNode(ctx, &datastore.CreateAttestedNodeRequest{Node: aNode1}) + s.Require().NoError(err) + + _, err = s.ds.CreateAttestedNode(ctx, &datastore.CreateAttestedNodeRequest{Node: aNode2}) + s.Require().NoError(err) + + _, err = s.ds.CreateAttestedNode(ctx, &datastore.CreateAttestedNodeRequest{Node: aNode3}) + s.Require().NoError(err) + + _, err = s.ds.CreateAttestedNode(ctx, &datastore.CreateAttestedNodeRequest{Node: aNode4}) + s.Require().NoError(err) + + tests := []struct { + name string + pagination *datastore.Pagination + byExpiresBefore *wrappers.Int64Value + expectedList []*datastore.AttestedNode + expectedPagination *datastore.Pagination + }{ + { + name: "pagination_without_token", + pagination: &datastore.Pagination{ + PageSize: 2, + }, + expectedList: []*datastore.AttestedNode{aNode1, aNode2}, + expectedPagination: &datastore.Pagination{ + Token: "2", + PageSize: 2, + }, + }, + { + name: "pagination_not_null_but_page_size_is_zero", + pagination: &datastore.Pagination{ + Token: "0", + PageSize: 0, + }, + expectedList: []*datastore.AttestedNode{aNode1, aNode2, aNode3, aNode4}, + expectedPagination: &datastore.Pagination{ + Token: "0", + PageSize: 0, + }, + }, + { + name: "get_all_nodes_first_page", + pagination: &datastore.Pagination{ + Token: "0", + PageSize: 2, + }, + expectedList: []*datastore.AttestedNode{aNode1, aNode2}, + expectedPagination: &datastore.Pagination{ + Token: "2", + PageSize: 2, + }, + }, + { + name: "get_all_nodes_second_page", + pagination: &datastore.Pagination{ + Token: "2", + PageSize: 2, + }, + expectedList: []*datastore.AttestedNode{aNode3, aNode4}, + expectedPagination: &datastore.Pagination{ + Token: "4", + PageSize: 2, + }, + }, + { + name: "get_all_nodes_third_page_no_results", + expectedList: []*datastore.AttestedNode{}, + pagination: &datastore.Pagination{ + Token: "4", + PageSize: 2, + }, + expectedPagination: &datastore.Pagination{ + Token: "4", + PageSize: 2, + }, + }, + { + name: "get_nodes_by_expire_before_get_only_page_fist_page", + pagination: &datastore.Pagination{ + Token: "0", + PageSize: 2, + }, + byExpiresBefore: &wrappers.Int64Value{ + Value: time.Now().Unix(), + }, + expectedList: []*datastore.AttestedNode{aNode1, aNode3}, + expectedPagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + }, + { + name: "get_nodes_by_expire_before_get_only_page_second_page", + pagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + byExpiresBefore: &wrappers.Int64Value{ + Value: time.Now().Unix(), + }, + expectedList: []*datastore.AttestedNode{aNode4}, + expectedPagination: &datastore.Pagination{ + Token: "4", + PageSize: 2, + }, + }, + { + name: "get_nodes_by_expire_before_get_only_page_third_page_no_resultds", + pagination: &datastore.Pagination{ + Token: "4", + PageSize: 2, + }, + byExpiresBefore: &wrappers.Int64Value{ + Value: time.Now().Unix(), + }, + expectedList: []*datastore.AttestedNode{}, + expectedPagination: &datastore.Pagination{ + Token: "4", + PageSize: 2, + }, + }, + } + for _, test := range tests { + s.T().Run(test.name, func(t *testing.T) { + resp, err := s.ds.ListAttestedNodes(ctx, &datastore.ListAttestedNodesRequest{ + ByExpiresBefore: test.byExpiresBefore, + Pagination: test.pagination, + }) + require.NoError(t, err) + require.NotNil(t, resp) + + expectedResponse := &datastore.ListAttestedNodesResponse{ + Nodes: test.expectedList, + Pagination: test.expectedPagination, + } + require.Equal(t, expectedResponse, resp) + }) + } + + // with invalid token + resp, err := s.ds.ListAttestedNodes(ctx, &datastore.ListAttestedNodesRequest{ + Pagination: &datastore.Pagination{ + Token: "invalid int", + PageSize: 10, + }, + }) + s.Require().Nil(resp) + s.Require().Error(err, "could not parse token 'invalid int'") +} + func (s *PluginSuite) TestUpdateAttestedNode() { node := &datastore.AttestedNode{ SpiffeId: "foo", @@ -433,6 +615,205 @@ func (s *PluginSuite) TestFetchRegistrationEntries() { s.Equal(expectedResponse, resp) } +func (s *PluginSuite) TestFetchRegistrationEntriesWithPagination() { + entry1 := s.createRegistrationEntry(&common.RegistrationEntry{ + Selectors: []*common.Selector{ + {Type: "Type1", Value: "Value1"}, + {Type: "Type2", Value: "Value2"}, + {Type: "Type3", Value: "Value3"}, + }, + SpiffeId: "spiffe://example.org/foo", + ParentId: "spiffe://example.org/bar", + Ttl: 1, + }) + + entry2 := s.createRegistrationEntry(&common.RegistrationEntry{ + Selectors: []*common.Selector{ + {Type: "Type3", Value: "Value3"}, + {Type: "Type4", Value: "Value4"}, + {Type: "Type5", Value: "Value5"}, + }, + SpiffeId: "spiffe://example.org/baz", + ParentId: "spiffe://example.org/bat", + Ttl: 2, + }) + + entry3 := s.createRegistrationEntry(&common.RegistrationEntry{ + Selectors: []*common.Selector{ + {Type: "Type1", Value: "Value1"}, + {Type: "Type2", Value: "Value2"}, + {Type: "Type3", Value: "Value3"}, + }, + SpiffeId: "spiffe://example.org/tez", + ParentId: "spiffe://example.org/taz", + Ttl: 2, + }) + + selectors := []*common.Selector{ + {Type: "Type1", Value: "Value1"}, + {Type: "Type2", Value: "Value2"}, + {Type: "Type3", Value: "Value3"}, + } + + tests := []struct { + name string + pagination *datastore.Pagination + selectors []*common.Selector + expectedList []*common.RegistrationEntry + expectedPagination *datastore.Pagination + }{ + { + name: "pagination_without_token", + pagination: &datastore.Pagination{ + PageSize: 2, + }, + expectedList: []*common.RegistrationEntry{entry2, entry1}, + expectedPagination: &datastore.Pagination{ + Token: "2", + PageSize: 2, + }, + }, + { + name: "pagination_not_null_but_page_size_is_zero", + pagination: &datastore.Pagination{ + Token: "0", + PageSize: 0, + }, + expectedList: []*common.RegistrationEntry{entry2, entry1, entry3}, + expectedPagination: &datastore.Pagination{ + Token: "0", + PageSize: 0, + }, + }, + { + name: "get_all_entries_first_page", + pagination: &datastore.Pagination{ + Token: "0", + PageSize: 2, + }, + expectedList: []*common.RegistrationEntry{entry2, entry1}, + expectedPagination: &datastore.Pagination{ + Token: "2", + PageSize: 2, + }, + }, + { + name: "get_all_entries_second_page", + pagination: &datastore.Pagination{ + Token: "2", + PageSize: 2, + }, + expectedList: []*common.RegistrationEntry{entry3}, + expectedPagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + }, + { + name: "get_all_entries_third_page_no_results", + pagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + expectedPagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + }, + { + name: "get_entries_by_selector_get_only_page_fist_page", + pagination: &datastore.Pagination{ + Token: "0", + PageSize: 2, + }, + selectors: selectors, + expectedList: []*common.RegistrationEntry{entry1, entry3}, + expectedPagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + }, + { + name: "get_entries_by_selector_get_only_page_second_page_no_results", + pagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + selectors: selectors, + expectedPagination: &datastore.Pagination{ + Token: "3", + PageSize: 2, + }, + }, + { + name: "get_entries_by_selector_fist_page", + pagination: &datastore.Pagination{ + Token: "0", + PageSize: 1, + }, + selectors: selectors, + expectedList: []*common.RegistrationEntry{entry1}, + expectedPagination: &datastore.Pagination{ + Token: "1", + PageSize: 1, + }, + }, + { + name: "get_entries_by_selector_second_page", + pagination: &datastore.Pagination{ + Token: "1", + PageSize: 1, + }, + selectors: selectors, + expectedList: []*common.RegistrationEntry{entry3}, + expectedPagination: &datastore.Pagination{ + Token: "3", + PageSize: 1, + }, + }, + { + name: "get_entries_by_selector_third_page_no_results", + pagination: &datastore.Pagination{ + Token: "3", + PageSize: 1, + }, + selectors: selectors, + expectedPagination: &datastore.Pagination{ + Token: "3", + PageSize: 1, + }, + }, + } + for _, test := range tests { + s.T().Run(test.name, func(t *testing.T) { + resp, err := s.ds.ListRegistrationEntries(ctx, &datastore.ListRegistrationEntriesRequest{ + BySelectors: &datastore.BySelectors{ + Selectors: test.selectors, + }, + Pagination: test.pagination, + }) + require.NoError(t, err) + require.NotNil(t, resp) + + expectedResponse := &datastore.ListRegistrationEntriesResponse{ + Entries: test.expectedList, + Pagination: test.expectedPagination, + } + require.Equal(t, expectedResponse, resp) + }) + } + + // with invalid token + resp, err := s.ds.ListRegistrationEntries(ctx, &datastore.ListRegistrationEntriesRequest{ + Pagination: &datastore.Pagination{ + Token: "invalid int", + PageSize: 10, + }, + }) + s.Require().Nil(resp) + s.Require().Error(err, "could not parse token 'invalid int'") +} + func (s *PluginSuite) TestUpdateRegistrationEntry() { entry := s.createRegistrationEntry(&common.RegistrationEntry{ Selectors: []*common.Selector{ diff --git a/pkg/server/server.go b/pkg/server/server.go index 8c47f9bb45..ab0a4a09ff 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -24,9 +24,20 @@ import ( "github.com/spiffe/spire/pkg/server/catalog" "github.com/spiffe/spire/pkg/server/endpoints" "github.com/spiffe/spire/pkg/server/svid" + "github.com/spiffe/spire/proto/server/datastore" "google.golang.org/grpc" +) + +const ( + invalidTrustDomainAttestedNode = "An attested node with trust domain '%v' has been detected, " + + "which does not match the configured trust domain of '%v'. Agents may need to be reconfigured to use new trust domain" + invalidTrustDomainRegistrationEntry = "A registration entry with trust domain '%v' has been detected, " + + "which does not match the configured trust domain of '%v'. If you want to change the trust domain, " + + "please delete all existing registration entries" + invalidSpiffeIDRegistrationEntry = "registration entry with id %v is malformed because invalid SPIFFE ID: %v" + invalidSpiffeIDAttestedNode = "could not parse SPIFFE ID %v, from attested node: %v" - _ "golang.org/x/net/trace" + pageSize = 1 ) type Config struct { @@ -131,6 +142,11 @@ func (s *Server) run(ctx context.Context) (err error) { } s.config.Log.Info("plugins started") + err = s.validateTrustDomain(ctx, cat.DataStores()[0]) + if err != nil { + return err + } + // CA manager needs to be initialized before the rotator, otherwise the // server CA plugin won't be able to sign CSRs caManager, err := s.newCAManager(ctx, cat, metrics) @@ -272,3 +288,53 @@ func (s *Server) newEndpointsServer(catalog catalog.Catalog, svidRotator svid.Ro func (s *Server) caCertsPath() string { return path.Join(s.config.DataDir, "certs.json") } + +func (s *Server) validateTrustDomain(ctx context.Context, ds datastore.DataStore) error { + trustDomain := s.config.TrustDomain.Host + + // Get only first page with a single element + fetchResponse, err := ds.ListRegistrationEntries(ctx, &datastore.ListRegistrationEntriesRequest{ + Pagination: &datastore.Pagination{ + Token: "", + PageSize: pageSize, + }}) + + if err != nil { + return err + } + + for _, entry := range fetchResponse.Entries { + id, err := url.Parse(entry.SpiffeId) + if err != nil { + return fmt.Errorf(invalidSpiffeIDRegistrationEntry, entry.EntryId, err) + } + + if id.Host != trustDomain { + return fmt.Errorf(invalidTrustDomainRegistrationEntry, id.Host, trustDomain) + } + } + + // Get only first page with a single element + nodesResponse, err := ds.ListAttestedNodes(ctx, &datastore.ListAttestedNodesRequest{ + Pagination: &datastore.Pagination{ + Token: "", + PageSize: pageSize, + }}) + if err != nil { + return err + } + + for _, node := range nodesResponse.Nodes { + id, err := url.Parse(node.SpiffeId) + if err != nil { + s.config.Log.Warnf(invalidSpiffeIDAttestedNode, node.SpiffeId, err) + continue + } + + if id.Host != trustDomain { + msg := fmt.Sprintf(invalidTrustDomainAttestedNode, id.Host, trustDomain) + s.config.Log.Warn(msg) + } + } + return nil +} diff --git a/pkg/server/server_test.go b/pkg/server/server_test.go index ac9aaeb61e..9a0aa055a4 100644 --- a/pkg/server/server_test.go +++ b/pkg/server/server_test.go @@ -1,15 +1,21 @@ package server import ( + "bytes" + "context" + "fmt" "io/ioutil" "net/url" "os" "testing" "github.com/golang/mock/gomock" - "github.com/spiffe/spire/pkg/common/log" - "github.com/spiffe/spire/test/mock/proto/server/upstreamca" - "github.com/spiffe/spire/test/mock/server/catalog" + "github.com/sirupsen/logrus" + "github.com/spiffe/spire/proto/common" + "github.com/spiffe/spire/proto/server/datastore" + "github.com/spiffe/spire/test/fakes/fakedatastore" + mock_upstreamca "github.com/spiffe/spire/test/mock/proto/server/upstreamca" + mock_catalog "github.com/spiffe/spire/test/mock/server/catalog" "github.com/stretchr/testify/suite" ) @@ -18,6 +24,8 @@ type ServerTestSuite struct { server *Server catalog *mock_catalog.MockCatalog upsCa *mock_upstreamca.MockUpstreamCA + ds *fakedatastore.DataStore + stdout *bytes.Buffer mockCtrl *gomock.Controller } @@ -26,10 +34,17 @@ func (suite *ServerTestSuite) SetupTest() { suite.mockCtrl = gomock.NewController(suite.T()) suite.catalog = mock_catalog.NewMockCatalog(suite.mockCtrl) + suite.ds = fakedatastore.New() suite.upsCa = mock_upstreamca.NewMockUpstreamCA(suite.mockCtrl) - logger, err := log.NewLogger("DEBUG", "") + suite.stdout = new(bytes.Buffer) + logrusLevel, err := logrus.ParseLevel("DEBUG") suite.Nil(err) + + logger := logrus.New() + logger.Out = suite.stdout + logger.Level = logrusLevel + suite.server = New(Config{ Log: logger, TrustDomain: url.URL{ @@ -66,3 +81,102 @@ func (suite *ServerTestSuite) TestUmask() { suite.Nil(err) suite.Equal(os.FileMode(0000), fi.Mode().Perm()) } + +func (suite *ServerTestSuite) TestValidateTrustDomain() { + ctx := context.Background() + ds := suite.ds + + // Create default trust domain + trustDomain := "spiffe://test.com" + uri, err := url.Parse(trustDomain) + suite.NoError(err) + + // Create new trust domain + newTrustDomain := "spiffe://new_test.com" + newUri, err := url.Parse(newTrustDomain) + suite.NoError(err) + + // Set trust domain to server + suite.server.config.TrustDomain = *uri + suite.NoError(err) + + // No attested nodes, not error expected + err = suite.server.validateTrustDomain(ctx, ds) + suite.NoError(err) + + // create attested node with current trust domain + ds.CreateAttestedNode(ctx, &datastore.CreateAttestedNodeRequest{ + Node: &datastore.AttestedNode{ + SpiffeId: "spiffe://test.com/host", + AttestationDataType: "fake_nodeattestor_1", + CertNotAfter: 1822684794, + CertSerialNumber: "18392437442709699290", + }, + }) + + // Attested now with same trust domain created, no error expected + err = suite.server.validateTrustDomain(ctx, ds) + suite.NoError(err) + + // Update server trust domain to force errors + suite.server.config.TrustDomain = *newUri + + // Update server's trust domain, error expected because invalid trust domain + err = suite.server.validateTrustDomain(ctx, ds) + // no error expected, warning is displaying in this case + suite.NoError(err) + suite.Require().Contains(suite.stdout.String(), fmt.Sprintf(invalidTrustDomainAttestedNode, "test.com", "new_test.com")) + + // Back server's trust domain + suite.server.config.TrustDomain = *uri + + // Create a registration entry with original trust domain + ds.CreateRegistrationEntry(ctx, &datastore.CreateRegistrationEntryRequest{ + Entry: &common.RegistrationEntry{ + SpiffeId: "spiffe://test.com/foo", + Selectors: []*common.Selector{{Type: "TYPE", Value: "VALUE"}}, + }, + }) + + // Attested node and registration entry have the same trust domain as server, no error expected + err = suite.server.validateTrustDomain(ctx, ds) + suite.NoError(err) + + // Update server's trust domain, error expected because invalid trust domain + suite.server.config.TrustDomain = *newUri + err = suite.server.validateTrustDomain(ctx, ds) + suite.EqualError(err, fmt.Sprintf(invalidTrustDomainRegistrationEntry, "test.com", "new_test.com")) + + // Create a registration entry with an invalid url + suite.server.config.TrustDomain = *uri + resp, err := ds.CreateRegistrationEntry(ctx, &datastore.CreateRegistrationEntryRequest{ + Entry: &common.RegistrationEntry{ + SpiffeId: "spiffe://inv%ild/test", + Selectors: []*common.Selector{{Type: "TYPE", Value: "VALUE"}}, + }, + }) + suite.NoError(err) + err = suite.server.validateTrustDomain(ctx, ds) + expectedError := fmt.Sprintf(invalidSpiffeIDRegistrationEntry, resp.Entry.EntryId, "") + suite.Contains(err.Error(), expectedError) + + // remove entry to solve error + ds.DeleteRegistrationEntry(ctx, &datastore.DeleteRegistrationEntryRequest{ + EntryId: resp.Entry.EntryId, + }) + + // create attested node with current trust domain + nodeResp, err := ds.CreateAttestedNode(ctx, &datastore.CreateAttestedNodeRequest{ + Node: &datastore.AttestedNode{ + SpiffeId: "spiffe://inv%ild/host", + AttestationDataType: "fake_nodeattestor_1", + CertNotAfter: 1822684794, + CertSerialNumber: "18392437442709699290", + }, + }) + suite.NoError(err) + // Attested now with same trust domain created, no error expected + err = suite.server.validateTrustDomain(ctx, ds) + suite.NoError(err) + suite.Require().Contains(suite.stdout.String(), fmt.Sprintf(invalidSpiffeIDAttestedNode, nodeResp.Node.SpiffeId, "")) +} diff --git a/proto/server/datastore/README_pb.md b/proto/server/datastore/README_pb.md index b5b2c8f6bd..1d69813162 100644 --- a/proto/server/datastore/README_pb.md +++ b/proto/server/datastore/README_pb.md @@ -83,6 +83,7 @@ - [ListRegistrationEntriesRequest](#spire.server.datastore.ListRegistrationEntriesRequest) - [ListRegistrationEntriesResponse](#spire.server.datastore.ListRegistrationEntriesResponse) - [NodeSelectors](#spire.server.datastore.NodeSelectors) + - [Pagination](#spire.server.datastore.Pagination) - [PruneJoinTokensRequest](#spire.server.datastore.PruneJoinTokensRequest) - [PruneJoinTokensResponse](#spire.server.datastore.PruneJoinTokensResponse) - [SetNodeSelectorsRequest](#spire.server.datastore.SetNodeSelectorsRequest) @@ -1016,6 +1017,7 @@ Represents a type with a list of Selector. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | by_expires_before | [.google.protobuf.Int64Value](#spire.server.datastore..google.protobuf.Int64Value) | | | +| pagination | [Pagination](#spire.server.datastore.Pagination) | | | @@ -1031,6 +1033,7 @@ Represents a type with a list of Selector. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | nodes | [AttestedNode](#spire.server.datastore.AttestedNode) | repeated | | +| pagination | [Pagination](#spire.server.datastore.Pagination) | | | @@ -1073,6 +1076,7 @@ Represents a type with a list of Selector. | by_parent_id | [.google.protobuf.StringValue](#spire.server.datastore..google.protobuf.StringValue) | | | | by_selectors | [BySelectors](#spire.server.datastore.BySelectors) | | | | by_spiffe_id | [.google.protobuf.StringValue](#spire.server.datastore..google.protobuf.StringValue) | | | +| pagination | [Pagination](#spire.server.datastore.Pagination) | | | @@ -1088,6 +1092,7 @@ Represents a type with a list of Selector. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | entries | [.spire.common.RegistrationEntry](#spire.server.datastore..spire.common.RegistrationEntry) | repeated | | +| pagination | [Pagination](#spire.server.datastore.Pagination) | | | @@ -1110,6 +1115,22 @@ Represents a type with a list of Selector. + + +### Pagination + + + +| Field | Type | Label | Description | +| ----- | ---- | ----- | ----------- | +| token | [string](#string) | | | +| page_size | [int32](#int32) | | | + + + + + + ### PruneJoinTokensRequest diff --git a/proto/server/datastore/datastore.pb.go b/proto/server/datastore/datastore.pb.go index 75537b2809..c797fd5a50 100644 --- a/proto/server/datastore/datastore.pb.go +++ b/proto/server/datastore/datastore.pb.go @@ -123,7 +123,7 @@ func (x DeleteBundleRequest_Mode) String() string { return proto.EnumName(DeleteBundleRequest_Mode_name, int32(x)) } func (DeleteBundleRequest_Mode) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{10, 0} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{10, 0} } type BySelectors_MatchBehavior int32 @@ -146,7 +146,7 @@ func (x BySelectors_MatchBehavior) String() string { return proto.EnumName(BySelectors_MatchBehavior_name, int32(x)) } func (BySelectors_MatchBehavior) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{32, 0} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{32, 0} } type CreateBundleRequest struct { @@ -160,7 +160,7 @@ func (m *CreateBundleRequest) Reset() { *m = CreateBundleRequest{} } func (m *CreateBundleRequest) String() string { return proto.CompactTextString(m) } func (*CreateBundleRequest) ProtoMessage() {} func (*CreateBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{0} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{0} } func (m *CreateBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateBundleRequest.Unmarshal(m, b) @@ -198,7 +198,7 @@ func (m *CreateBundleResponse) Reset() { *m = CreateBundleResponse{} } func (m *CreateBundleResponse) String() string { return proto.CompactTextString(m) } func (*CreateBundleResponse) ProtoMessage() {} func (*CreateBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{1} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{1} } func (m *CreateBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateBundleResponse.Unmarshal(m, b) @@ -236,7 +236,7 @@ func (m *FetchBundleRequest) Reset() { *m = FetchBundleRequest{} } func (m *FetchBundleRequest) String() string { return proto.CompactTextString(m) } func (*FetchBundleRequest) ProtoMessage() {} func (*FetchBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{2} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{2} } func (m *FetchBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchBundleRequest.Unmarshal(m, b) @@ -274,7 +274,7 @@ func (m *FetchBundleResponse) Reset() { *m = FetchBundleResponse{} } func (m *FetchBundleResponse) String() string { return proto.CompactTextString(m) } func (*FetchBundleResponse) ProtoMessage() {} func (*FetchBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{3} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{3} } func (m *FetchBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchBundleResponse.Unmarshal(m, b) @@ -311,7 +311,7 @@ func (m *ListBundlesRequest) Reset() { *m = ListBundlesRequest{} } func (m *ListBundlesRequest) String() string { return proto.CompactTextString(m) } func (*ListBundlesRequest) ProtoMessage() {} func (*ListBundlesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{4} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{4} } func (m *ListBundlesRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListBundlesRequest.Unmarshal(m, b) @@ -342,7 +342,7 @@ func (m *ListBundlesResponse) Reset() { *m = ListBundlesResponse{} } func (m *ListBundlesResponse) String() string { return proto.CompactTextString(m) } func (*ListBundlesResponse) ProtoMessage() {} func (*ListBundlesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{5} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{5} } func (m *ListBundlesResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListBundlesResponse.Unmarshal(m, b) @@ -380,7 +380,7 @@ func (m *UpdateBundleRequest) Reset() { *m = UpdateBundleRequest{} } func (m *UpdateBundleRequest) String() string { return proto.CompactTextString(m) } func (*UpdateBundleRequest) ProtoMessage() {} func (*UpdateBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{6} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{6} } func (m *UpdateBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateBundleRequest.Unmarshal(m, b) @@ -418,7 +418,7 @@ func (m *UpdateBundleResponse) Reset() { *m = UpdateBundleResponse{} } func (m *UpdateBundleResponse) String() string { return proto.CompactTextString(m) } func (*UpdateBundleResponse) ProtoMessage() {} func (*UpdateBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{7} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{7} } func (m *UpdateBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateBundleResponse.Unmarshal(m, b) @@ -456,7 +456,7 @@ func (m *AppendBundleRequest) Reset() { *m = AppendBundleRequest{} } func (m *AppendBundleRequest) String() string { return proto.CompactTextString(m) } func (*AppendBundleRequest) ProtoMessage() {} func (*AppendBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{8} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{8} } func (m *AppendBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AppendBundleRequest.Unmarshal(m, b) @@ -494,7 +494,7 @@ func (m *AppendBundleResponse) Reset() { *m = AppendBundleResponse{} } func (m *AppendBundleResponse) String() string { return proto.CompactTextString(m) } func (*AppendBundleResponse) ProtoMessage() {} func (*AppendBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{9} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{9} } func (m *AppendBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AppendBundleResponse.Unmarshal(m, b) @@ -533,7 +533,7 @@ func (m *DeleteBundleRequest) Reset() { *m = DeleteBundleRequest{} } func (m *DeleteBundleRequest) String() string { return proto.CompactTextString(m) } func (*DeleteBundleRequest) ProtoMessage() {} func (*DeleteBundleRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{10} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{10} } func (m *DeleteBundleRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteBundleRequest.Unmarshal(m, b) @@ -578,7 +578,7 @@ func (m *DeleteBundleResponse) Reset() { *m = DeleteBundleResponse{} } func (m *DeleteBundleResponse) String() string { return proto.CompactTextString(m) } func (*DeleteBundleResponse) ProtoMessage() {} func (*DeleteBundleResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{11} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{11} } func (m *DeleteBundleResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteBundleResponse.Unmarshal(m, b) @@ -619,7 +619,7 @@ func (m *NodeSelectors) Reset() { *m = NodeSelectors{} } func (m *NodeSelectors) String() string { return proto.CompactTextString(m) } func (*NodeSelectors) ProtoMessage() {} func (*NodeSelectors) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{12} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{12} } func (m *NodeSelectors) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_NodeSelectors.Unmarshal(m, b) @@ -664,7 +664,7 @@ func (m *SetNodeSelectorsRequest) Reset() { *m = SetNodeSelectorsRequest func (m *SetNodeSelectorsRequest) String() string { return proto.CompactTextString(m) } func (*SetNodeSelectorsRequest) ProtoMessage() {} func (*SetNodeSelectorsRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{13} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{13} } func (m *SetNodeSelectorsRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_SetNodeSelectorsRequest.Unmarshal(m, b) @@ -701,7 +701,7 @@ func (m *SetNodeSelectorsResponse) Reset() { *m = SetNodeSelectorsRespon func (m *SetNodeSelectorsResponse) String() string { return proto.CompactTextString(m) } func (*SetNodeSelectorsResponse) ProtoMessage() {} func (*SetNodeSelectorsResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{14} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{14} } func (m *SetNodeSelectorsResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_SetNodeSelectorsResponse.Unmarshal(m, b) @@ -732,7 +732,7 @@ func (m *GetNodeSelectorsRequest) Reset() { *m = GetNodeSelectorsRequest func (m *GetNodeSelectorsRequest) String() string { return proto.CompactTextString(m) } func (*GetNodeSelectorsRequest) ProtoMessage() {} func (*GetNodeSelectorsRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{15} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{15} } func (m *GetNodeSelectorsRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetNodeSelectorsRequest.Unmarshal(m, b) @@ -770,7 +770,7 @@ func (m *GetNodeSelectorsResponse) Reset() { *m = GetNodeSelectorsRespon func (m *GetNodeSelectorsResponse) String() string { return proto.CompactTextString(m) } func (*GetNodeSelectorsResponse) ProtoMessage() {} func (*GetNodeSelectorsResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{16} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{16} } func (m *GetNodeSelectorsResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_GetNodeSelectorsResponse.Unmarshal(m, b) @@ -815,7 +815,7 @@ func (m *AttestedNode) Reset() { *m = AttestedNode{} } func (m *AttestedNode) String() string { return proto.CompactTextString(m) } func (*AttestedNode) ProtoMessage() {} func (*AttestedNode) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{17} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{17} } func (m *AttestedNode) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_AttestedNode.Unmarshal(m, b) @@ -874,7 +874,7 @@ func (m *CreateAttestedNodeRequest) Reset() { *m = CreateAttestedNodeReq func (m *CreateAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*CreateAttestedNodeRequest) ProtoMessage() {} func (*CreateAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{18} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{18} } func (m *CreateAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateAttestedNodeRequest.Unmarshal(m, b) @@ -912,7 +912,7 @@ func (m *CreateAttestedNodeResponse) Reset() { *m = CreateAttestedNodeRe func (m *CreateAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*CreateAttestedNodeResponse) ProtoMessage() {} func (*CreateAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{19} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{19} } func (m *CreateAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateAttestedNodeResponse.Unmarshal(m, b) @@ -950,7 +950,7 @@ func (m *FetchAttestedNodeRequest) Reset() { *m = FetchAttestedNodeReque func (m *FetchAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*FetchAttestedNodeRequest) ProtoMessage() {} func (*FetchAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{20} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{20} } func (m *FetchAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchAttestedNodeRequest.Unmarshal(m, b) @@ -988,7 +988,7 @@ func (m *FetchAttestedNodeResponse) Reset() { *m = FetchAttestedNodeResp func (m *FetchAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*FetchAttestedNodeResponse) ProtoMessage() {} func (*FetchAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{21} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{21} } func (m *FetchAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchAttestedNodeResponse.Unmarshal(m, b) @@ -1017,6 +1017,7 @@ func (m *FetchAttestedNodeResponse) GetNode() *AttestedNode { type ListAttestedNodesRequest struct { ByExpiresBefore *wrappers.Int64Value `protobuf:"bytes,1,opt,name=by_expires_before,json=byExpiresBefore,proto3" json:"by_expires_before,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1026,7 +1027,7 @@ func (m *ListAttestedNodesRequest) Reset() { *m = ListAttestedNodesReque func (m *ListAttestedNodesRequest) String() string { return proto.CompactTextString(m) } func (*ListAttestedNodesRequest) ProtoMessage() {} func (*ListAttestedNodesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{22} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{22} } func (m *ListAttestedNodesRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListAttestedNodesRequest.Unmarshal(m, b) @@ -1053,8 +1054,16 @@ func (m *ListAttestedNodesRequest) GetByExpiresBefore() *wrappers.Int64Value { return nil } +func (m *ListAttestedNodesRequest) GetPagination() *Pagination { + if m != nil { + return m.Pagination + } + return nil +} + type ListAttestedNodesResponse struct { Nodes []*AttestedNode `protobuf:"bytes,1,rep,name=nodes,proto3" json:"nodes,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1064,7 +1073,7 @@ func (m *ListAttestedNodesResponse) Reset() { *m = ListAttestedNodesResp func (m *ListAttestedNodesResponse) String() string { return proto.CompactTextString(m) } func (*ListAttestedNodesResponse) ProtoMessage() {} func (*ListAttestedNodesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{23} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{23} } func (m *ListAttestedNodesResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListAttestedNodesResponse.Unmarshal(m, b) @@ -1091,6 +1100,13 @@ func (m *ListAttestedNodesResponse) GetNodes() []*AttestedNode { return nil } +func (m *ListAttestedNodesResponse) GetPagination() *Pagination { + if m != nil { + return m.Pagination + } + return nil +} + type UpdateAttestedNodeRequest struct { SpiffeId string `protobuf:"bytes,1,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"` CertSerialNumber string `protobuf:"bytes,2,opt,name=cert_serial_number,json=certSerialNumber,proto3" json:"cert_serial_number,omitempty"` @@ -1104,7 +1120,7 @@ func (m *UpdateAttestedNodeRequest) Reset() { *m = UpdateAttestedNodeReq func (m *UpdateAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*UpdateAttestedNodeRequest) ProtoMessage() {} func (*UpdateAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{24} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{24} } func (m *UpdateAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateAttestedNodeRequest.Unmarshal(m, b) @@ -1156,7 +1172,7 @@ func (m *UpdateAttestedNodeResponse) Reset() { *m = UpdateAttestedNodeRe func (m *UpdateAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*UpdateAttestedNodeResponse) ProtoMessage() {} func (*UpdateAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{25} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{25} } func (m *UpdateAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateAttestedNodeResponse.Unmarshal(m, b) @@ -1194,7 +1210,7 @@ func (m *DeleteAttestedNodeRequest) Reset() { *m = DeleteAttestedNodeReq func (m *DeleteAttestedNodeRequest) String() string { return proto.CompactTextString(m) } func (*DeleteAttestedNodeRequest) ProtoMessage() {} func (*DeleteAttestedNodeRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{26} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{26} } func (m *DeleteAttestedNodeRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteAttestedNodeRequest.Unmarshal(m, b) @@ -1232,7 +1248,7 @@ func (m *DeleteAttestedNodeResponse) Reset() { *m = DeleteAttestedNodeRe func (m *DeleteAttestedNodeResponse) String() string { return proto.CompactTextString(m) } func (*DeleteAttestedNodeResponse) ProtoMessage() {} func (*DeleteAttestedNodeResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{27} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{27} } func (m *DeleteAttestedNodeResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteAttestedNodeResponse.Unmarshal(m, b) @@ -1270,7 +1286,7 @@ func (m *CreateRegistrationEntryRequest) Reset() { *m = CreateRegistrati func (m *CreateRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*CreateRegistrationEntryRequest) ProtoMessage() {} func (*CreateRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{28} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{28} } func (m *CreateRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRegistrationEntryRequest.Unmarshal(m, b) @@ -1308,7 +1324,7 @@ func (m *CreateRegistrationEntryResponse) Reset() { *m = CreateRegistrat func (m *CreateRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*CreateRegistrationEntryResponse) ProtoMessage() {} func (*CreateRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{29} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{29} } func (m *CreateRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateRegistrationEntryResponse.Unmarshal(m, b) @@ -1346,7 +1362,7 @@ func (m *FetchRegistrationEntryRequest) Reset() { *m = FetchRegistration func (m *FetchRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*FetchRegistrationEntryRequest) ProtoMessage() {} func (*FetchRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{30} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{30} } func (m *FetchRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchRegistrationEntryRequest.Unmarshal(m, b) @@ -1384,7 +1400,7 @@ func (m *FetchRegistrationEntryResponse) Reset() { *m = FetchRegistratio func (m *FetchRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*FetchRegistrationEntryResponse) ProtoMessage() {} func (*FetchRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{31} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{31} } func (m *FetchRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchRegistrationEntryResponse.Unmarshal(m, b) @@ -1423,7 +1439,7 @@ func (m *BySelectors) Reset() { *m = BySelectors{} } func (m *BySelectors) String() string { return proto.CompactTextString(m) } func (*BySelectors) ProtoMessage() {} func (*BySelectors) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{32} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{32} } func (m *BySelectors) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_BySelectors.Unmarshal(m, b) @@ -1457,10 +1473,57 @@ func (m *BySelectors) GetMatch() BySelectors_MatchBehavior { return BySelectors_MATCH_EXACT } +type Pagination struct { + Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` + PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Pagination) Reset() { *m = Pagination{} } +func (m *Pagination) String() string { return proto.CompactTextString(m) } +func (*Pagination) ProtoMessage() {} +func (*Pagination) Descriptor() ([]byte, []int) { + return fileDescriptor_datastore_6b0f555b51cfe366, []int{33} +} +func (m *Pagination) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Pagination.Unmarshal(m, b) +} +func (m *Pagination) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Pagination.Marshal(b, m, deterministic) +} +func (dst *Pagination) XXX_Merge(src proto.Message) { + xxx_messageInfo_Pagination.Merge(dst, src) +} +func (m *Pagination) XXX_Size() int { + return xxx_messageInfo_Pagination.Size(m) +} +func (m *Pagination) XXX_DiscardUnknown() { + xxx_messageInfo_Pagination.DiscardUnknown(m) +} + +var xxx_messageInfo_Pagination proto.InternalMessageInfo + +func (m *Pagination) GetToken() string { + if m != nil { + return m.Token + } + return "" +} + +func (m *Pagination) GetPageSize() int32 { + if m != nil { + return m.PageSize + } + return 0 +} + type ListRegistrationEntriesRequest struct { ByParentId *wrappers.StringValue `protobuf:"bytes,1,opt,name=by_parent_id,json=byParentId,proto3" json:"by_parent_id,omitempty"` BySelectors *BySelectors `protobuf:"bytes,2,opt,name=by_selectors,json=bySelectors,proto3" json:"by_selectors,omitempty"` BySpiffeId *wrappers.StringValue `protobuf:"bytes,3,opt,name=by_spiffe_id,json=bySpiffeId,proto3" json:"by_spiffe_id,omitempty"` + Pagination *Pagination `protobuf:"bytes,4,opt,name=pagination,proto3" json:"pagination,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1470,7 +1533,7 @@ func (m *ListRegistrationEntriesRequest) Reset() { *m = ListRegistration func (m *ListRegistrationEntriesRequest) String() string { return proto.CompactTextString(m) } func (*ListRegistrationEntriesRequest) ProtoMessage() {} func (*ListRegistrationEntriesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{33} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{34} } func (m *ListRegistrationEntriesRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRegistrationEntriesRequest.Unmarshal(m, b) @@ -1511,8 +1574,16 @@ func (m *ListRegistrationEntriesRequest) GetBySpiffeId() *wrappers.StringValue { return nil } +func (m *ListRegistrationEntriesRequest) GetPagination() *Pagination { + if m != nil { + return m.Pagination + } + return nil +} + type ListRegistrationEntriesResponse struct { Entries []*common.RegistrationEntry `protobuf:"bytes,1,rep,name=entries,proto3" json:"entries,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1522,7 +1593,7 @@ func (m *ListRegistrationEntriesResponse) Reset() { *m = ListRegistratio func (m *ListRegistrationEntriesResponse) String() string { return proto.CompactTextString(m) } func (*ListRegistrationEntriesResponse) ProtoMessage() {} func (*ListRegistrationEntriesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{34} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{35} } func (m *ListRegistrationEntriesResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_ListRegistrationEntriesResponse.Unmarshal(m, b) @@ -1549,6 +1620,13 @@ func (m *ListRegistrationEntriesResponse) GetEntries() []*common.RegistrationEnt return nil } +func (m *ListRegistrationEntriesResponse) GetPagination() *Pagination { + if m != nil { + return m.Pagination + } + return nil +} + type UpdateRegistrationEntryRequest struct { Entry *common.RegistrationEntry `protobuf:"bytes,1,opt,name=entry,proto3" json:"entry,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -1560,7 +1638,7 @@ func (m *UpdateRegistrationEntryRequest) Reset() { *m = UpdateRegistrati func (m *UpdateRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*UpdateRegistrationEntryRequest) ProtoMessage() {} func (*UpdateRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{35} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{36} } func (m *UpdateRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRegistrationEntryRequest.Unmarshal(m, b) @@ -1598,7 +1676,7 @@ func (m *UpdateRegistrationEntryResponse) Reset() { *m = UpdateRegistrat func (m *UpdateRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*UpdateRegistrationEntryResponse) ProtoMessage() {} func (*UpdateRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{36} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{37} } func (m *UpdateRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_UpdateRegistrationEntryResponse.Unmarshal(m, b) @@ -1636,7 +1714,7 @@ func (m *DeleteRegistrationEntryRequest) Reset() { *m = DeleteRegistrati func (m *DeleteRegistrationEntryRequest) String() string { return proto.CompactTextString(m) } func (*DeleteRegistrationEntryRequest) ProtoMessage() {} func (*DeleteRegistrationEntryRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{37} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{38} } func (m *DeleteRegistrationEntryRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRegistrationEntryRequest.Unmarshal(m, b) @@ -1674,7 +1752,7 @@ func (m *DeleteRegistrationEntryResponse) Reset() { *m = DeleteRegistrat func (m *DeleteRegistrationEntryResponse) String() string { return proto.CompactTextString(m) } func (*DeleteRegistrationEntryResponse) ProtoMessage() {} func (*DeleteRegistrationEntryResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{38} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{39} } func (m *DeleteRegistrationEntryResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteRegistrationEntryResponse.Unmarshal(m, b) @@ -1715,7 +1793,7 @@ func (m *JoinToken) Reset() { *m = JoinToken{} } func (m *JoinToken) String() string { return proto.CompactTextString(m) } func (*JoinToken) ProtoMessage() {} func (*JoinToken) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{39} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{40} } func (m *JoinToken) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_JoinToken.Unmarshal(m, b) @@ -1760,7 +1838,7 @@ func (m *CreateJoinTokenRequest) Reset() { *m = CreateJoinTokenRequest{} func (m *CreateJoinTokenRequest) String() string { return proto.CompactTextString(m) } func (*CreateJoinTokenRequest) ProtoMessage() {} func (*CreateJoinTokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{40} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{41} } func (m *CreateJoinTokenRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateJoinTokenRequest.Unmarshal(m, b) @@ -1798,7 +1876,7 @@ func (m *CreateJoinTokenResponse) Reset() { *m = CreateJoinTokenResponse func (m *CreateJoinTokenResponse) String() string { return proto.CompactTextString(m) } func (*CreateJoinTokenResponse) ProtoMessage() {} func (*CreateJoinTokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{41} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{42} } func (m *CreateJoinTokenResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_CreateJoinTokenResponse.Unmarshal(m, b) @@ -1836,7 +1914,7 @@ func (m *FetchJoinTokenRequest) Reset() { *m = FetchJoinTokenRequest{} } func (m *FetchJoinTokenRequest) String() string { return proto.CompactTextString(m) } func (*FetchJoinTokenRequest) ProtoMessage() {} func (*FetchJoinTokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{42} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{43} } func (m *FetchJoinTokenRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchJoinTokenRequest.Unmarshal(m, b) @@ -1874,7 +1952,7 @@ func (m *FetchJoinTokenResponse) Reset() { *m = FetchJoinTokenResponse{} func (m *FetchJoinTokenResponse) String() string { return proto.CompactTextString(m) } func (*FetchJoinTokenResponse) ProtoMessage() {} func (*FetchJoinTokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{43} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{44} } func (m *FetchJoinTokenResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_FetchJoinTokenResponse.Unmarshal(m, b) @@ -1912,7 +1990,7 @@ func (m *DeleteJoinTokenRequest) Reset() { *m = DeleteJoinTokenRequest{} func (m *DeleteJoinTokenRequest) String() string { return proto.CompactTextString(m) } func (*DeleteJoinTokenRequest) ProtoMessage() {} func (*DeleteJoinTokenRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{44} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{45} } func (m *DeleteJoinTokenRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteJoinTokenRequest.Unmarshal(m, b) @@ -1950,7 +2028,7 @@ func (m *DeleteJoinTokenResponse) Reset() { *m = DeleteJoinTokenResponse func (m *DeleteJoinTokenResponse) String() string { return proto.CompactTextString(m) } func (*DeleteJoinTokenResponse) ProtoMessage() {} func (*DeleteJoinTokenResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{45} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{46} } func (m *DeleteJoinTokenResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_DeleteJoinTokenResponse.Unmarshal(m, b) @@ -1988,7 +2066,7 @@ func (m *PruneJoinTokensRequest) Reset() { *m = PruneJoinTokensRequest{} func (m *PruneJoinTokensRequest) String() string { return proto.CompactTextString(m) } func (*PruneJoinTokensRequest) ProtoMessage() {} func (*PruneJoinTokensRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{46} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{47} } func (m *PruneJoinTokensRequest) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PruneJoinTokensRequest.Unmarshal(m, b) @@ -2025,7 +2103,7 @@ func (m *PruneJoinTokensResponse) Reset() { *m = PruneJoinTokensResponse func (m *PruneJoinTokensResponse) String() string { return proto.CompactTextString(m) } func (*PruneJoinTokensResponse) ProtoMessage() {} func (*PruneJoinTokensResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_datastore_0fcdeb1deb154e2b, []int{47} + return fileDescriptor_datastore_6b0f555b51cfe366, []int{48} } func (m *PruneJoinTokensResponse) XXX_Unmarshal(b []byte) error { return xxx_messageInfo_PruneJoinTokensResponse.Unmarshal(m, b) @@ -2079,6 +2157,7 @@ func init() { proto.RegisterType((*FetchRegistrationEntryRequest)(nil), "spire.server.datastore.FetchRegistrationEntryRequest") proto.RegisterType((*FetchRegistrationEntryResponse)(nil), "spire.server.datastore.FetchRegistrationEntryResponse") proto.RegisterType((*BySelectors)(nil), "spire.server.datastore.BySelectors") + proto.RegisterType((*Pagination)(nil), "spire.server.datastore.Pagination") proto.RegisterType((*ListRegistrationEntriesRequest)(nil), "spire.server.datastore.ListRegistrationEntriesRequest") proto.RegisterType((*ListRegistrationEntriesResponse)(nil), "spire.server.datastore.ListRegistrationEntriesResponse") proto.RegisterType((*UpdateRegistrationEntryRequest)(nil), "spire.server.datastore.UpdateRegistrationEntryRequest") @@ -2977,106 +3056,110 @@ var _DataStore_serviceDesc = grpc.ServiceDesc{ Metadata: "datastore.proto", } -func init() { proto.RegisterFile("datastore.proto", fileDescriptor_datastore_0fcdeb1deb154e2b) } - -var fileDescriptor_datastore_0fcdeb1deb154e2b = []byte{ - // 1557 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x59, 0x6d, 0x73, 0xda, 0xc6, - 0x16, 0x8e, 0xfc, 0x96, 0x70, 0xc0, 0x2f, 0x59, 0x3b, 0x18, 0xc8, 0xbd, 0xb6, 0xaf, 0x6e, 0x92, - 0xc9, 0xcd, 0x8b, 0xb0, 0xb9, 0x89, 0xf3, 0xd2, 0x4e, 0x5b, 0x1b, 0x08, 0xa5, 0x93, 0xa4, 0x1e, - 0x81, 0x9d, 0x4c, 0xd2, 0x29, 0x23, 0xd0, 0x82, 0x95, 0x82, 0x44, 0xa5, 0x25, 0x0d, 0x93, 0x1f, - 0xd0, 0x99, 0x4e, 0xff, 0x4b, 0x3f, 0x74, 0xfa, 0xbd, 0x3f, 0xa7, 0x3f, 0xa3, 0xa3, 0x5d, 0x09, - 0x24, 0xa4, 0x95, 0x05, 0xa4, 0x9f, 0x8c, 0x56, 0xe7, 0x39, 0xe7, 0x39, 0x47, 0x67, 0xcf, 0x9e, - 0xb3, 0x86, 0x75, 0x55, 0x21, 0x8a, 0x45, 0x0c, 0x13, 0x4b, 0x7d, 0xd3, 0x20, 0x06, 0x4a, 0x5b, - 0x7d, 0xcd, 0xc4, 0x92, 0x85, 0xcd, 0xf7, 0xd8, 0x94, 0x46, 0x6f, 0x73, 0x3b, 0x1d, 0xc3, 0xe8, - 0x74, 0x71, 0x9e, 0x4a, 0x35, 0x07, 0xed, 0xfc, 0x4f, 0xa6, 0xd2, 0xef, 0x63, 0xd3, 0x62, 0xb8, - 0xdc, 0xe3, 0x8e, 0x46, 0xce, 0x07, 0x4d, 0xa9, 0x65, 0xf4, 0xf2, 0x56, 0x5f, 0x6b, 0xb7, 0x71, - 0x9e, 0x6a, 0x62, 0x80, 0x7c, 0xcb, 0xe8, 0xf5, 0x0c, 0x3d, 0xdf, 0xef, 0x0e, 0x3a, 0x9a, 0xfb, - 0xc7, 0x41, 0x1e, 0xc4, 0x42, 0xb2, 0x3f, 0x0c, 0x22, 0x16, 0x61, 0xb3, 0x68, 0x62, 0x85, 0xe0, - 0xe3, 0x81, 0xae, 0x76, 0xb1, 0x8c, 0x7f, 0x1c, 0x60, 0x8b, 0xa0, 0x7b, 0xb0, 0xd2, 0xa4, 0x0b, - 0x19, 0x61, 0x4f, 0xb8, 0x9d, 0x2c, 0x6c, 0x49, 0xcc, 0x19, 0x07, 0xeb, 0x08, 0x3b, 0x32, 0x62, - 0x09, 0xb6, 0xfc, 0x4a, 0xac, 0xbe, 0xa1, 0x5b, 0x78, 0x4a, 0x2d, 0x9f, 0x03, 0x7a, 0x86, 0x49, - 0xeb, 0xdc, 0xcf, 0xe4, 0x16, 0xac, 0x13, 0x73, 0x60, 0x91, 0x86, 0x6a, 0xf4, 0x14, 0x4d, 0x6f, - 0x68, 0x2a, 0x55, 0x96, 0x90, 0x57, 0xe9, 0x72, 0x89, 0xae, 0x56, 0x55, 0xdb, 0x11, 0x1f, 0x7a, - 0x26, 0x0a, 0x5b, 0x80, 0x9e, 0x6b, 0x16, 0x61, 0xab, 0x96, 0x43, 0x41, 0x2c, 0xc3, 0xa6, 0x6f, - 0xd5, 0x51, 0x2d, 0xc1, 0x65, 0x06, 0xb3, 0x32, 0xc2, 0xde, 0x22, 0x57, 0xb7, 0x2b, 0x64, 0x33, - 0x3c, 0xed, 0xab, 0xf3, 0x87, 0xda, 0xaf, 0x64, 0x26, 0x3f, 0x8b, 0xb0, 0x79, 0xd4, 0xef, 0x63, - 0x5d, 0x9d, 0x93, 0x8a, 0x5f, 0xc9, 0x4c, 0x54, 0xfe, 0x10, 0x60, 0xb3, 0x84, 0xbb, 0x78, 0x32, - 0x2c, 0x31, 0xbf, 0x3b, 0x2a, 0xc1, 0x52, 0xcf, 0x50, 0x71, 0x66, 0x61, 0x4f, 0xb8, 0xbd, 0x56, - 0xd8, 0x97, 0xc2, 0x37, 0x9d, 0x14, 0x62, 0x42, 0x7a, 0x61, 0xa8, 0x58, 0xa6, 0x68, 0x71, 0x1f, - 0x96, 0xec, 0x27, 0x94, 0x82, 0x2b, 0x72, 0xb9, 0x56, 0x97, 0xab, 0xc5, 0xfa, 0xc6, 0x25, 0x04, - 0xb0, 0x52, 0x2a, 0x3f, 0x2f, 0xd7, 0xcb, 0x1b, 0x02, 0x5a, 0x03, 0x28, 0x55, 0x6b, 0xb5, 0x6f, - 0x8b, 0xd5, 0xa3, 0x7a, 0x79, 0x63, 0xc1, 0xf6, 0xde, 0xaf, 0x73, 0x26, 0xef, 0x9b, 0xb0, 0xfa, - 0xd2, 0x50, 0x71, 0x0d, 0x77, 0x71, 0x8b, 0x18, 0xa6, 0x85, 0xae, 0x43, 0x82, 0xed, 0xdc, 0xb1, - 0xc3, 0x57, 0xd8, 0x42, 0x55, 0x45, 0x0f, 0x20, 0x61, 0xb9, 0x92, 0x99, 0x05, 0x9a, 0x73, 0x69, - 0xbf, 0x7a, 0x57, 0x91, 0x3c, 0x16, 0x14, 0xbf, 0x87, 0xed, 0x1a, 0x26, 0x3e, 0x33, 0x6e, 0x90, - 0x8b, 0x5e, 0x85, 0x8c, 0xef, 0x4d, 0x5e, 0x04, 0xfd, 0x0a, 0x3c, 0xfa, 0x73, 0x90, 0x09, 0xea, - 0x67, 0xd1, 0x10, 0x0f, 0x61, 0xbb, 0xc2, 0xb1, 0x1d, 0xe5, 0xa9, 0xd8, 0x80, 0x4c, 0x85, 0xa3, - 0xf3, 0xd3, 0x90, 0xfe, 0x5d, 0x80, 0xd4, 0x11, 0x21, 0xd8, 0x22, 0x58, 0xb5, 0x85, 0xa2, 0x03, - 0x5f, 0x80, 0x6b, 0x0a, 0x15, 0x56, 0x88, 0x66, 0xe8, 0x0d, 0x5b, 0x7f, 0x83, 0x0c, 0xfb, 0x2c, - 0xeb, 0x12, 0xf2, 0xa6, 0xe7, 0x65, 0x49, 0x21, 0x4a, 0x7d, 0xd8, 0xb7, 0x13, 0x01, 0xb5, 0xb0, - 0x49, 0x1a, 0x16, 0x36, 0x35, 0xa5, 0xdb, 0xd0, 0x07, 0xbd, 0x26, 0x36, 0x33, 0x8b, 0x14, 0xb0, - 0x61, 0xbf, 0xa9, 0xd1, 0x17, 0x2f, 0xe9, 0x3a, 0xba, 0x01, 0x6b, 0x54, 0x5a, 0x37, 0x48, 0x43, - 0x69, 0x13, 0x6c, 0x66, 0x96, 0xf6, 0x84, 0xdb, 0x8b, 0x72, 0xca, 0x5e, 0x7d, 0x69, 0x90, 0x23, - 0x7b, 0x4d, 0x3c, 0x85, 0x2c, 0x2b, 0xb4, 0x5e, 0xea, 0x6e, 0x40, 0x1f, 0xc3, 0x92, 0x6e, 0xef, - 0x04, 0x16, 0x92, 0x1b, 0xbc, 0x90, 0xf8, 0xa0, 0x14, 0x21, 0x9e, 0x41, 0x2e, 0x4c, 0xad, 0x13, - 0xef, 0xd9, 0xf5, 0x3e, 0x82, 0x0c, 0xad, 0xc9, 0x61, 0x6c, 0x23, 0x3f, 0xff, 0x29, 0x64, 0x43, - 0x80, 0x73, 0xf3, 0x69, 0x41, 0xc6, 0x2e, 0xe4, 0xde, 0x37, 0xa3, 0x74, 0xac, 0xc0, 0xd5, 0xe6, - 0xb0, 0x81, 0x3f, 0xd8, 0xca, 0xac, 0x46, 0x13, 0xb7, 0x0d, 0xd3, 0x35, 0x71, 0x5d, 0x62, 0x27, - 0xb6, 0xe4, 0x9e, 0xd8, 0x52, 0x55, 0x27, 0x87, 0x0f, 0xce, 0x94, 0xee, 0x00, 0xcb, 0xeb, 0xcd, - 0x61, 0x99, 0x81, 0x8e, 0x29, 0x46, 0x7c, 0x05, 0xd9, 0x10, 0x23, 0x0e, 0xf7, 0xa7, 0xb0, 0x6c, - 0x33, 0x71, 0x4f, 0x8c, 0x78, 0xe4, 0x19, 0x44, 0xfc, 0x55, 0x80, 0x2c, 0xab, 0xfd, 0xd3, 0xc6, - 0x93, 0x93, 0x8b, 0x0b, 0xb1, 0x73, 0x71, 0x31, 0x24, 0x17, 0xcf, 0x20, 0x17, 0xc6, 0x66, 0xee, - 0x8f, 0xf4, 0x18, 0xb2, 0xac, 0xb0, 0x4e, 0x9d, 0x35, 0x67, 0x90, 0x0b, 0x43, 0xce, 0xcd, 0xe8, - 0x15, 0xec, 0xb0, 0xed, 0x21, 0xe3, 0x8e, 0x66, 0x11, 0x93, 0xee, 0xf3, 0xb2, 0x4e, 0xcc, 0xa1, - 0x4b, 0xeb, 0x21, 0x2c, 0x63, 0xfb, 0xd9, 0x51, 0xbe, 0xeb, 0x2f, 0xca, 0x41, 0x18, 0x93, 0x16, - 0x5f, 0xc3, 0x2e, 0x57, 0xb1, 0xc3, 0x7a, 0x46, 0xcd, 0x4f, 0xe1, 0xdf, 0x74, 0x03, 0x71, 0x19, - 0x67, 0xe1, 0x0a, 0x95, 0x1c, 0xc7, 0xf1, 0x32, 0x7d, 0xae, 0xaa, 0xb6, 0xbb, 0x3c, 0xec, 0x7c, - 0xa4, 0xfe, 0x14, 0x20, 0x79, 0x3c, 0x1c, 0x9f, 0x75, 0x0f, 0xfc, 0x85, 0x3c, 0xde, 0x71, 0x86, - 0x2a, 0xb0, 0xdc, 0x53, 0x48, 0xeb, 0xdc, 0x39, 0xf1, 0x0f, 0x78, 0x1f, 0xd2, 0x63, 0x49, 0x7a, - 0x61, 0x03, 0x8e, 0xf1, 0xb9, 0xf2, 0x5e, 0x33, 0x4c, 0x99, 0xe1, 0xc5, 0x02, 0xac, 0xfa, 0xd6, - 0xd1, 0x3a, 0x24, 0x5f, 0x1c, 0xd5, 0x8b, 0x5f, 0x37, 0xca, 0xaf, 0x8f, 0xe8, 0xf9, 0xbf, 0x01, - 0x29, 0xb6, 0x50, 0x3b, 0x3d, 0xae, 0x95, 0xeb, 0x1b, 0x82, 0xf8, 0x97, 0x00, 0x3b, 0xf6, 0xee, - 0x9e, 0xf4, 0x51, 0x1b, 0x17, 0x92, 0x2f, 0x20, 0xd5, 0x1c, 0x36, 0xfa, 0x8a, 0x89, 0x75, 0xe2, - 0x46, 0x37, 0x59, 0xf8, 0x57, 0xa0, 0x86, 0xd4, 0x88, 0xa9, 0xe9, 0x1d, 0x56, 0x44, 0xa0, 0x39, - 0x3c, 0xa1, 0x80, 0xaa, 0x8a, 0x9e, 0x51, 0xbc, 0xf7, 0x9c, 0xb7, 0xf1, 0xff, 0x8d, 0xe1, 0xa6, - 0x9c, 0x6c, 0x7a, 0xa2, 0xcb, 0x78, 0x8c, 0x77, 0xcb, 0x62, 0x3c, 0x1e, 0x35, 0x77, 0x37, 0x7d, - 0x07, 0xbb, 0x5c, 0x4f, 0x9d, 0x3c, 0x78, 0x02, 0x34, 0x69, 0xb4, 0x51, 0x3d, 0xbb, 0x30, 0x13, - 0x5c, 0x79, 0x3b, 0xc9, 0x58, 0xf5, 0xf8, 0x07, 0xf6, 0x14, 0x57, 0xf1, 0x7c, 0xe9, 0xfb, 0x19, - 0xec, 0xb0, 0xf2, 0x32, 0xcb, 0xa6, 0x7a, 0x0d, 0xbb, 0x5c, 0xf0, 0x7c, 0xb4, 0x9e, 0x40, 0xe2, - 0x1b, 0x43, 0xd3, 0xeb, 0xc6, 0x0f, 0x58, 0x47, 0x5b, 0xb0, 0x4c, 0xec, 0x1f, 0x8e, 0x79, 0xf6, - 0x80, 0xd2, 0xb0, 0x42, 0x0f, 0xb6, 0x21, 0x4d, 0xa6, 0x45, 0xd9, 0x79, 0x12, 0xdf, 0x40, 0x9a, - 0xd5, 0x9f, 0x91, 0x02, 0xd7, 0x93, 0xaf, 0x00, 0xde, 0x19, 0x9a, 0xde, 0x18, 0x2b, 0x4b, 0x16, - 0xfe, 0xc3, 0x4b, 0xc1, 0x31, 0x3a, 0xf1, 0xce, 0xfd, 0x29, 0xbe, 0x85, 0xed, 0x80, 0x6e, 0xc7, - 0xd1, 0xf9, 0x95, 0xdf, 0x87, 0x6b, 0xb4, 0x44, 0x05, 0x78, 0x87, 0xfa, 0x6f, 0xfb, 0x39, 0x29, - 0xfe, 0xc9, 0xa8, 0x48, 0x90, 0x66, 0x1f, 0x36, 0x26, 0x97, 0xb7, 0xb0, 0x1d, 0x90, 0xff, 0x64, - 0x64, 0xbe, 0x84, 0xf4, 0x89, 0x39, 0xd0, 0xc7, 0xba, 0x47, 0x55, 0xe9, 0x26, 0xac, 0x85, 0xf4, - 0x36, 0x8b, 0xf2, 0x2a, 0xf6, 0x35, 0x2f, 0x59, 0xd8, 0x0e, 0x28, 0x60, 0xec, 0x0a, 0xbf, 0xa5, - 0x21, 0x61, 0x37, 0xb7, 0x35, 0xdb, 0x3c, 0xd2, 0x20, 0xe5, 0x1d, 0xf9, 0xd1, 0x5d, 0x1e, 0xcf, - 0x90, 0xdb, 0x85, 0xdc, 0xbd, 0x78, 0xc2, 0x4e, 0x58, 0xda, 0x90, 0xf4, 0x4c, 0xf6, 0xe8, 0x0e, - 0x0f, 0x1c, 0xbc, 0x3c, 0xc8, 0xdd, 0x8d, 0x25, 0x3b, 0xb6, 0xe3, 0x19, 0xf3, 0xf9, 0x76, 0x82, - 0x37, 0x04, 0x7c, 0x3b, 0x61, 0xf7, 0x06, 0x1a, 0xa4, 0xbc, 0x23, 0x3c, 0x3f, 0x74, 0x21, 0xb7, - 0x05, 0xfc, 0xd0, 0x85, 0xde, 0x0a, 0x68, 0x90, 0xf2, 0x8e, 0xe8, 0x7c, 0x53, 0x21, 0xb7, 0x01, - 0x7c, 0x53, 0xa1, 0x53, 0xbf, 0x06, 0x29, 0xef, 0x3c, 0xcc, 0x37, 0x15, 0x32, 0x89, 0xf3, 0x4d, - 0x85, 0x8e, 0xd8, 0x1f, 0x01, 0x05, 0xc7, 0x15, 0x74, 0x10, 0x9d, 0x54, 0x21, 0xdd, 0x64, 0xae, - 0x30, 0x0d, 0xc4, 0x31, 0xfe, 0x01, 0xae, 0x06, 0x46, 0x13, 0xb4, 0x1f, 0x99, 0x67, 0x61, 0xa6, - 0x0f, 0xa6, 0x40, 0x8c, 0x2d, 0x07, 0x06, 0x0b, 0xbe, 0x65, 0xde, 0xa0, 0xc3, 0xb7, 0xcc, 0x9f, - 0x5a, 0x3e, 0x02, 0x0a, 0xb6, 0xfa, 0xfc, 0x80, 0x73, 0x87, 0x14, 0x7e, 0xc0, 0x23, 0x26, 0x89, - 0x8f, 0x80, 0x82, 0x5d, 0x3d, 0xdf, 0x38, 0x77, 0x76, 0xe0, 0x1b, 0x8f, 0x18, 0x1a, 0x06, 0xb0, - 0x31, 0x79, 0xb7, 0x81, 0xf2, 0x3c, 0x3d, 0x9c, 0x5b, 0x96, 0xdc, 0x7e, 0x7c, 0xc0, 0xd8, 0x6c, - 0x25, 0xb6, 0xd9, 0xca, 0xb4, 0x66, 0xb9, 0x37, 0x2b, 0xbf, 0x08, 0xee, 0xa1, 0x1d, 0xe8, 0x36, - 0xd0, 0x61, 0xf4, 0x5e, 0xe1, 0xf5, 0x44, 0xb9, 0x47, 0x53, 0xe3, 0x1c, 0x32, 0x3f, 0x0b, 0xce, - 0xa9, 0x1d, 0xe4, 0xf2, 0x30, 0x72, 0xf3, 0x70, 0xa9, 0x1c, 0x4e, 0x0b, 0xf3, 0x84, 0x85, 0xd3, - 0x0a, 0xf3, 0xc3, 0x12, 0x3d, 0x25, 0xf0, 0xc3, 0x72, 0x51, 0xcf, 0x6d, 0x93, 0xe1, 0x34, 0xb8, - 0x7c, 0x32, 0xd1, 0xad, 0x36, 0x9f, 0xcc, 0x45, 0x9d, 0xb4, 0x4d, 0x86, 0xd3, 0xd6, 0xf2, 0xc9, - 0x44, 0x37, 0xd1, 0x7c, 0x32, 0x17, 0xf5, 0xcf, 0x26, 0xac, 0x4f, 0x74, 0x9c, 0x48, 0x8a, 0x4e, - 0xbe, 0xc9, 0x96, 0x2d, 0x97, 0x8f, 0x2d, 0xef, 0xd8, 0x34, 0x60, 0xcd, 0xdf, 0x59, 0xa2, 0xfb, - 0x91, 0x49, 0x16, 0xb0, 0x28, 0xc5, 0x15, 0x1f, 0x3b, 0x39, 0xd1, 0x3e, 0xf2, 0x9d, 0x0c, 0xef, - 0x4b, 0xf9, 0x4e, 0xf2, 0xfa, 0x52, 0x13, 0xd6, 0x27, 0x9a, 0x42, 0xbe, 0xcd, 0xf0, 0xf6, 0x93, - 0x6f, 0x93, 0xd3, 0x6d, 0xa2, 0x37, 0x90, 0x28, 0x1a, 0x7a, 0x5b, 0xeb, 0x0c, 0x4c, 0x8c, 0x6e, - 0xfa, 0x47, 0x21, 0xe7, 0x7f, 0x5e, 0xa3, 0xf7, 0xae, 0x91, 0x5b, 0x17, 0x89, 0x8d, 0x1a, 0xbd, - 0xd5, 0x0a, 0x26, 0x27, 0xf4, 0x75, 0x55, 0x6f, 0x1b, 0xe8, 0x7f, 0xa1, 0x40, 0x9f, 0x8c, 0x6b, - 0xe3, 0x4e, 0x1c, 0x51, 0x66, 0xe7, 0x38, 0xf9, 0x26, 0x31, 0x72, 0xf4, 0xe4, 0xd2, 0x89, 0x70, - 0xb2, 0xd0, 0x5c, 0xa1, 0x63, 0xf7, 0xff, 0xff, 0x0e, 0x00, 0x00, 0xff, 0xff, 0x1b, 0x20, 0xb9, - 0x23, 0x2d, 0x1c, 0x00, 0x00, +func init() { proto.RegisterFile("datastore.proto", fileDescriptor_datastore_6b0f555b51cfe366) } + +var fileDescriptor_datastore_6b0f555b51cfe366 = []byte{ + // 1627 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x59, 0xdd, 0x73, 0xdb, 0x44, + 0x10, 0xaf, 0xf2, 0xd5, 0x78, 0xed, 0x7c, 0xf4, 0x92, 0x26, 0x8e, 0x0b, 0x49, 0x10, 0x6d, 0xa7, + 0xf4, 0x43, 0x4e, 0x4c, 0x9b, 0x7e, 0xc0, 0x50, 0x12, 0xc7, 0x0d, 0x66, 0xda, 0x92, 0x91, 0x9d, + 0xb4, 0xd3, 0xce, 0xe0, 0x91, 0xa3, 0xb3, 0xa3, 0x92, 0x48, 0x42, 0x3a, 0x97, 0xba, 0xfd, 0x03, + 0x98, 0x61, 0xf8, 0x0f, 0x78, 0xe1, 0x8d, 0x17, 0x66, 0x78, 0x60, 0x78, 0xe7, 0x4f, 0x63, 0x74, + 0x27, 0x59, 0x92, 0xa5, 0x53, 0x64, 0x3b, 0x3c, 0xa5, 0x3e, 0xed, 0x6f, 0xf7, 0xb7, 0x7b, 0x7b, + 0x7b, 0x7b, 0x5b, 0x98, 0x53, 0x15, 0xa2, 0xd8, 0xc4, 0xb0, 0xb0, 0x64, 0x5a, 0x06, 0x31, 0xd0, + 0x92, 0x6d, 0x6a, 0x16, 0x96, 0x6c, 0x6c, 0xbd, 0xc5, 0x96, 0xd4, 0xfb, 0x5a, 0x58, 0x6d, 0x1b, + 0x46, 0xfb, 0x04, 0x17, 0xa9, 0x54, 0xb3, 0xd3, 0x2a, 0xfe, 0x64, 0x29, 0xa6, 0x89, 0x2d, 0x9b, + 0xe1, 0x0a, 0x0f, 0xda, 0x1a, 0x39, 0xee, 0x34, 0xa5, 0x23, 0xe3, 0xb4, 0x68, 0x9b, 0x5a, 0xab, + 0x85, 0x8b, 0x54, 0x13, 0x03, 0x14, 0x8f, 0x8c, 0xd3, 0x53, 0x43, 0x2f, 0x9a, 0x27, 0x9d, 0xb6, + 0xe6, 0xfd, 0x71, 0x91, 0x9b, 0xa9, 0x90, 0xec, 0x0f, 0x83, 0x88, 0x65, 0x58, 0x28, 0x5b, 0x58, + 0x21, 0x78, 0xa7, 0xa3, 0xab, 0x27, 0x58, 0xc6, 0x3f, 0x76, 0xb0, 0x4d, 0xd0, 0x6d, 0x98, 0x6a, + 0xd2, 0x85, 0xbc, 0xb0, 0x2e, 0xdc, 0xc8, 0x96, 0x16, 0x25, 0xe6, 0x8c, 0x8b, 0x75, 0x85, 0x5d, + 0x19, 0x71, 0x17, 0x16, 0xc3, 0x4a, 0x6c, 0xd3, 0xd0, 0x6d, 0x3c, 0xa0, 0x96, 0x2f, 0x01, 0x3d, + 0xc1, 0xe4, 0xe8, 0x38, 0xcc, 0xe4, 0x3a, 0xcc, 0x11, 0xab, 0x63, 0x93, 0x86, 0x6a, 0x9c, 0x2a, + 0x9a, 0xde, 0xd0, 0x54, 0xaa, 0x2c, 0x23, 0xcf, 0xd0, 0xe5, 0x5d, 0xba, 0x5a, 0x55, 0x1d, 0x47, + 0x42, 0xe8, 0xa1, 0x28, 0x2c, 0x02, 0x7a, 0xaa, 0xd9, 0x84, 0xad, 0xda, 0x2e, 0x05, 0xb1, 0x02, + 0x0b, 0xa1, 0x55, 0x57, 0xb5, 0x04, 0x17, 0x19, 0xcc, 0xce, 0x0b, 0xeb, 0xe3, 0x5c, 0xdd, 0x9e, + 0x90, 0xc3, 0xf0, 0xc0, 0x54, 0x47, 0x0f, 0x75, 0x58, 0xc9, 0x50, 0x7e, 0x96, 0x61, 0x61, 0xdb, + 0x34, 0xb1, 0xae, 0x8e, 0x48, 0x25, 0xac, 0x64, 0x28, 0x2a, 0xff, 0x08, 0xb0, 0xb0, 0x8b, 0x4f, + 0x70, 0x7f, 0x58, 0x52, 0xee, 0x3b, 0xda, 0x85, 0x89, 0x53, 0x43, 0xc5, 0xf9, 0xb1, 0x75, 0xe1, + 0xc6, 0x6c, 0x69, 0x43, 0x8a, 0x3f, 0x74, 0x52, 0x8c, 0x09, 0xe9, 0x99, 0xa1, 0x62, 0x99, 0xa2, + 0xc5, 0x0d, 0x98, 0x70, 0x7e, 0xa1, 0x1c, 0x4c, 0xcb, 0x95, 0x5a, 0x5d, 0xae, 0x96, 0xeb, 0xf3, + 0x17, 0x10, 0xc0, 0xd4, 0x6e, 0xe5, 0x69, 0xa5, 0x5e, 0x99, 0x17, 0xd0, 0x2c, 0xc0, 0x6e, 0xb5, + 0x56, 0xfb, 0xae, 0x5c, 0xdd, 0xae, 0x57, 0xe6, 0xc7, 0x1c, 0xef, 0xc3, 0x3a, 0x87, 0xf2, 0xbe, + 0x09, 0x33, 0xcf, 0x0d, 0x15, 0xd7, 0xf0, 0x09, 0x3e, 0x22, 0x86, 0x65, 0xa3, 0x2b, 0x90, 0x61, + 0x27, 0xd7, 0x77, 0x78, 0x9a, 0x2d, 0x54, 0x55, 0x74, 0x17, 0x32, 0xb6, 0x27, 0x99, 0x1f, 0xa3, + 0x39, 0xb7, 0x14, 0x56, 0xef, 0x29, 0x92, 0x7d, 0x41, 0xf1, 0x7b, 0x58, 0xae, 0x61, 0x12, 0x32, + 0xe3, 0x05, 0xb9, 0x1c, 0x54, 0xc8, 0xf8, 0x5e, 0xe3, 0x45, 0x30, 0xac, 0x20, 0xa0, 0xbf, 0x00, + 0xf9, 0xa8, 0x7e, 0x16, 0x0d, 0x71, 0x0b, 0x96, 0xf7, 0x38, 0xb6, 0x93, 0x3c, 0x15, 0x1b, 0x90, + 0xdf, 0xe3, 0xe8, 0x3c, 0x1f, 0xd2, 0x7f, 0x0b, 0x90, 0xdb, 0x26, 0x04, 0xdb, 0x04, 0xab, 0x8e, + 0x50, 0x72, 0xe0, 0x4b, 0x70, 0x59, 0xa1, 0xc2, 0x0a, 0xd1, 0x0c, 0xbd, 0xe1, 0xe8, 0x6f, 0x90, + 0xae, 0xc9, 0xb2, 0x2e, 0x23, 0x2f, 0x04, 0x3e, 0xee, 0x2a, 0x44, 0xa9, 0x77, 0x4d, 0x27, 0x11, + 0xd0, 0x11, 0xb6, 0x48, 0xc3, 0xc6, 0x96, 0xa6, 0x9c, 0x34, 0xf4, 0xce, 0x69, 0x13, 0x5b, 0xf9, + 0x71, 0x0a, 0x98, 0x77, 0xbe, 0xd4, 0xe8, 0x87, 0xe7, 0x74, 0x1d, 0x5d, 0x85, 0x59, 0x2a, 0xad, + 0x1b, 0xa4, 0xa1, 0xb4, 0x08, 0xb6, 0xf2, 0x13, 0xeb, 0xc2, 0x8d, 0x71, 0x39, 0xe7, 0xac, 0x3e, + 0x37, 0xc8, 0xb6, 0xb3, 0x26, 0x1e, 0xc0, 0x0a, 0x2b, 0xb4, 0x41, 0xea, 0x5e, 0x40, 0x1f, 0xc0, + 0x84, 0xee, 0x9c, 0x04, 0x16, 0x92, 0xab, 0xbc, 0x90, 0x84, 0xa0, 0x14, 0x21, 0x1e, 0x42, 0x21, + 0x4e, 0xad, 0x1b, 0xef, 0xe1, 0xf5, 0xde, 0x87, 0x3c, 0xad, 0xc9, 0x71, 0x6c, 0x13, 0xb7, 0xff, + 0x00, 0x56, 0x62, 0x80, 0x23, 0xf3, 0xf9, 0x43, 0x80, 0xbc, 0x53, 0xc9, 0x83, 0x9f, 0x7a, 0xf9, + 0xb8, 0x07, 0x97, 0x9a, 0xdd, 0x06, 0x7e, 0xe7, 0x68, 0xb3, 0x1b, 0x4d, 0xdc, 0x32, 0x2c, 0xcf, + 0xc6, 0x15, 0x89, 0x5d, 0xd9, 0x92, 0x77, 0x65, 0x4b, 0x55, 0x9d, 0x6c, 0xdd, 0x3d, 0x54, 0x4e, + 0x3a, 0x58, 0x9e, 0x6b, 0x76, 0x2b, 0x0c, 0xb4, 0x43, 0x31, 0x68, 0x07, 0xc0, 0x54, 0xda, 0x9a, + 0x4e, 0xd3, 0x81, 0x66, 0x48, 0xb6, 0x24, 0xf2, 0x58, 0xee, 0xf7, 0x24, 0xe5, 0x00, 0x4a, 0xfc, + 0x4d, 0x80, 0x95, 0x18, 0xa6, 0x6e, 0x04, 0x1e, 0xc1, 0xa4, 0xe3, 0x8f, 0x77, 0xef, 0xa4, 0x0b, + 0x01, 0x83, 0x9c, 0x0b, 0xbb, 0x5f, 0x05, 0x58, 0x61, 0xb7, 0xd0, 0xa0, 0x3b, 0xcb, 0x39, 0x15, + 0x63, 0xa9, 0x4f, 0xc5, 0x78, 0xcc, 0xa9, 0x38, 0x84, 0x42, 0x1c, 0x9b, 0x91, 0xd3, 0xe5, 0x01, + 0xac, 0xb0, 0x12, 0x3f, 0x70, 0xfe, 0x1e, 0x42, 0x21, 0x0e, 0x39, 0x32, 0xa3, 0x17, 0xb0, 0xca, + 0x0e, 0xaa, 0x8c, 0xdb, 0x9a, 0x4d, 0x2c, 0xba, 0x1d, 0x15, 0x9d, 0x58, 0x5d, 0x8f, 0xd6, 0x3d, + 0x98, 0xc4, 0xce, 0x6f, 0x57, 0xf9, 0x5a, 0xf8, 0x7a, 0x88, 0xc2, 0x98, 0xb4, 0xf8, 0x12, 0xd6, + 0xb8, 0x8a, 0x5d, 0xd6, 0x43, 0x6a, 0x7e, 0x04, 0x1f, 0xd3, 0xa3, 0xcc, 0x65, 0xbc, 0x02, 0xd3, + 0x54, 0xd2, 0x8f, 0xe3, 0x45, 0xfa, 0xbb, 0xaa, 0x3a, 0xee, 0xf2, 0xb0, 0xa3, 0x91, 0xfa, 0x57, + 0x80, 0xec, 0x4e, 0xd7, 0xbf, 0x75, 0xef, 0x86, 0xaf, 0x94, 0x74, 0x17, 0x2b, 0xda, 0x83, 0xc9, + 0x53, 0x85, 0x1c, 0x1d, 0xbb, 0xbd, 0xc7, 0x26, 0x6f, 0x23, 0x03, 0x96, 0xa4, 0x67, 0x0e, 0x60, + 0x07, 0x1f, 0x2b, 0x6f, 0x35, 0xc3, 0x92, 0x19, 0x5e, 0x2c, 0xc1, 0x4c, 0x68, 0x1d, 0xcd, 0x41, + 0xf6, 0xd9, 0x76, 0xbd, 0xfc, 0x4d, 0xa3, 0xf2, 0x72, 0x9b, 0x76, 0x22, 0xf3, 0x90, 0x63, 0x0b, + 0xb5, 0x83, 0x9d, 0x5a, 0xa5, 0x3e, 0x2f, 0x88, 0x8f, 0x01, 0xfc, 0xd3, 0x89, 0x16, 0x61, 0x92, + 0x18, 0x3f, 0x60, 0xdd, 0x8d, 0x20, 0xfb, 0xe1, 0xe4, 0xa8, 0xa9, 0xb4, 0x71, 0xc3, 0xd6, 0xde, + 0xb3, 0xab, 0x6a, 0x52, 0x9e, 0x76, 0x16, 0x6a, 0xda, 0x7b, 0x2c, 0xfe, 0x39, 0x06, 0xab, 0x4e, + 0x89, 0xe9, 0x0f, 0x92, 0xe6, 0x97, 0xc4, 0xaf, 0x20, 0xd7, 0xec, 0x36, 0x4c, 0xc5, 0xc2, 0x3a, + 0xf1, 0xb6, 0x27, 0x5b, 0xfa, 0x28, 0x52, 0x0d, 0x6b, 0xc4, 0xd2, 0xf4, 0x36, 0x2b, 0x87, 0xd0, + 0xec, 0xee, 0x53, 0x40, 0x55, 0x45, 0x4f, 0x28, 0x3e, 0xd8, 0xb2, 0x38, 0xf8, 0x4f, 0x53, 0xc4, + 0x49, 0xce, 0x36, 0x03, 0xdb, 0xc3, 0x78, 0xf8, 0xc7, 0x6d, 0x3c, 0x1d, 0x8f, 0x9a, 0x57, 0x74, + 0xc2, 0x35, 0x6f, 0x62, 0xa8, 0x9a, 0xf7, 0xbb, 0x00, 0x6b, 0xdc, 0x70, 0xb9, 0xd9, 0xf8, 0x10, + 0x68, 0xea, 0x6a, 0xbd, 0xca, 0x7c, 0x66, 0x3e, 0x7a, 0xf2, 0xe7, 0x52, 0x96, 0x5f, 0xc0, 0x2a, + 0xab, 0x83, 0xff, 0x43, 0x75, 0xe0, 0x2a, 0x1e, 0xed, 0x20, 0x7e, 0x01, 0xab, 0xac, 0x50, 0x0e, + 0x53, 0x1e, 0x5e, 0xc2, 0x1a, 0x17, 0x3c, 0x1a, 0xad, 0x87, 0x90, 0xf9, 0xd6, 0xd0, 0xf4, 0x3a, + 0x3d, 0x45, 0xf1, 0x67, 0x6b, 0x09, 0xa6, 0x68, 0xaf, 0xd0, 0xa5, 0x9b, 0x35, 0x2e, 0xbb, 0xbf, + 0xc4, 0x57, 0xb0, 0xc4, 0x2a, 0x69, 0x4f, 0x81, 0xe7, 0xc9, 0xd7, 0x00, 0x6f, 0x0c, 0x4d, 0x6f, + 0xf8, 0xca, 0xb2, 0xa5, 0x4f, 0x78, 0x5b, 0xec, 0xa3, 0x33, 0x6f, 0xbc, 0x7f, 0x8a, 0xaf, 0x61, + 0x39, 0xa2, 0xdb, 0x75, 0x74, 0x74, 0xe5, 0x77, 0xe0, 0x32, 0x2d, 0xb6, 0x11, 0xde, 0xb1, 0xfe, + 0x3b, 0x7e, 0xf6, 0x8b, 0x9f, 0x1b, 0x15, 0x09, 0x96, 0xd8, 0xc6, 0xa6, 0xe4, 0xf2, 0x1a, 0x96, + 0x23, 0xf2, 0xe7, 0x46, 0xe6, 0x31, 0x2c, 0xed, 0x5b, 0x1d, 0xdd, 0xd7, 0xdd, 0x2b, 0x8f, 0xd7, + 0x60, 0x36, 0xa6, 0x5d, 0x1c, 0x97, 0x67, 0x70, 0xb0, 0x1f, 0x14, 0x57, 0x60, 0x39, 0xa2, 0x80, + 0xb1, 0x2b, 0xfd, 0xb5, 0x04, 0x19, 0xe7, 0xc1, 0x50, 0x73, 0xcc, 0x23, 0x0d, 0x72, 0xc1, 0x31, + 0x0a, 0xba, 0xc5, 0xe3, 0x19, 0x33, 0xb1, 0x29, 0xdc, 0x4e, 0x27, 0xec, 0x86, 0xa5, 0x05, 0xd9, + 0xc0, 0xb4, 0x04, 0xdd, 0xe4, 0x81, 0xa3, 0x03, 0x99, 0xc2, 0xad, 0x54, 0xb2, 0xbe, 0x9d, 0xc0, + 0xe8, 0x84, 0x6f, 0x27, 0x3a, 0x75, 0xe1, 0xdb, 0x89, 0x9b, 0xc5, 0x68, 0x90, 0x0b, 0x8e, 0x45, + 0xf8, 0xa1, 0x8b, 0x99, 0xc0, 0xf0, 0x43, 0x17, 0x3b, 0x69, 0xd1, 0x20, 0x17, 0x1c, 0x7b, 0xf0, + 0x4d, 0xc5, 0x4c, 0x58, 0xf8, 0xa6, 0x62, 0x27, 0x29, 0x1a, 0xe4, 0x82, 0x33, 0x06, 0xbe, 0xa9, + 0x98, 0xe9, 0x06, 0xdf, 0x54, 0xec, 0xd8, 0xe2, 0x03, 0xa0, 0xe8, 0x13, 0x10, 0x6d, 0x26, 0x27, + 0x55, 0x4c, 0x5f, 0x5c, 0x28, 0x0d, 0x02, 0x71, 0x8d, 0xbf, 0x83, 0x4b, 0x91, 0xe7, 0x1e, 0xda, + 0x48, 0xcc, 0xb3, 0x38, 0xd3, 0x9b, 0x03, 0x20, 0x7c, 0xcb, 0x91, 0x67, 0x16, 0xdf, 0x32, 0xef, + 0xed, 0xc8, 0xb7, 0xcc, 0x7f, 0xc3, 0x7d, 0x00, 0x14, 0x7d, 0xb4, 0xf0, 0x03, 0xce, 0x7d, 0x6e, + 0xf1, 0x03, 0x9e, 0xf0, 0x26, 0xfa, 0x00, 0x28, 0xfa, 0x3e, 0xe1, 0x1b, 0xe7, 0xbe, 0x82, 0xf8, + 0xc6, 0x13, 0x9e, 0x3f, 0x1d, 0x98, 0xef, 0x9f, 0x17, 0xa1, 0x22, 0x4f, 0x0f, 0x67, 0x72, 0x55, + 0xd8, 0x48, 0x0f, 0xf0, 0xcd, 0xee, 0xa5, 0x36, 0xbb, 0x37, 0xa8, 0x59, 0xee, 0xb4, 0xea, 0x17, + 0xc1, 0xbb, 0xb4, 0x23, 0xdd, 0x06, 0xda, 0x4a, 0x3e, 0x2b, 0xbc, 0x9e, 0xa8, 0x70, 0x7f, 0x60, + 0x9c, 0x4b, 0xe6, 0x67, 0xc1, 0xbd, 0xb5, 0xa3, 0x5c, 0xee, 0x25, 0x1e, 0x1e, 0x2e, 0x95, 0xad, + 0x41, 0x61, 0x81, 0xb0, 0x70, 0xda, 0x69, 0x7e, 0x58, 0x92, 0x9f, 0x2b, 0xfc, 0xb0, 0x9c, 0xd5, + 0xb7, 0x3b, 0x64, 0x38, 0x0d, 0x2e, 0x9f, 0x4c, 0x72, 0xab, 0xcd, 0x27, 0x73, 0x56, 0x27, 0xed, + 0x90, 0xe1, 0xb4, 0xb5, 0x7c, 0x32, 0xc9, 0x4d, 0x34, 0x9f, 0xcc, 0x59, 0xfd, 0xb3, 0x05, 0x73, + 0x7d, 0x1d, 0x27, 0x92, 0x92, 0x93, 0xaf, 0xbf, 0x65, 0x2b, 0x14, 0x53, 0xcb, 0xbb, 0x36, 0x0d, + 0x98, 0x0d, 0x77, 0x96, 0xe8, 0x4e, 0x62, 0x92, 0x45, 0x2c, 0x4a, 0x69, 0xc5, 0x7d, 0x27, 0xfb, + 0xda, 0x47, 0xbe, 0x93, 0xf1, 0x7d, 0x29, 0xdf, 0x49, 0x5e, 0x5f, 0x6a, 0xc1, 0x5c, 0x5f, 0x53, + 0xc8, 0xb7, 0x19, 0xdf, 0x7e, 0xf2, 0x6d, 0x72, 0xba, 0x4d, 0xf4, 0x0a, 0x32, 0x65, 0x43, 0x6f, + 0x69, 0xed, 0x8e, 0x85, 0xd1, 0xb5, 0xf0, 0x53, 0xc8, 0xfd, 0x7f, 0xc4, 0xde, 0x77, 0xcf, 0xc8, + 0xf5, 0xb3, 0xc4, 0x7a, 0x8d, 0xde, 0xcc, 0x1e, 0x26, 0xfb, 0xf4, 0x73, 0x55, 0x6f, 0x19, 0xe8, + 0xb3, 0x58, 0x60, 0x48, 0xc6, 0xb3, 0x71, 0x33, 0x8d, 0x28, 0xb3, 0xb3, 0x93, 0x7d, 0x95, 0xe9, + 0x39, 0xba, 0x7f, 0x61, 0x5f, 0xd8, 0x1f, 0x6b, 0x4e, 0xd1, 0xf7, 0xff, 0xe7, 0xff, 0x05, 0x00, + 0x00, 0xff, 0xff, 0x5f, 0x2a, 0x34, 0xe0, 0x81, 0x1d, 0x00, 0x00, } diff --git a/proto/server/datastore/datastore.proto b/proto/server/datastore/datastore.proto index ff06ff406e..9c5f7d70c8 100644 --- a/proto/server/datastore/datastore.proto +++ b/proto/server/datastore/datastore.proto @@ -133,10 +133,12 @@ message FetchAttestedNodeResponse { message ListAttestedNodesRequest { google.protobuf.Int64Value by_expires_before = 1; + Pagination pagination = 2; } message ListAttestedNodesResponse { repeated AttestedNode nodes = 1; + Pagination pagination = 2; } message UpdateAttestedNodeRequest { @@ -189,14 +191,21 @@ message BySelectors { MatchBehavior match = 2; } +message Pagination { + string token = 1; + int32 page_size = 2; +} + message ListRegistrationEntriesRequest { google.protobuf.StringValue by_parent_id = 1; BySelectors by_selectors = 2; google.protobuf.StringValue by_spiffe_id = 3; + Pagination pagination = 4; } message ListRegistrationEntriesResponse { repeated spire.common.RegistrationEntry entries = 1; + Pagination pagination = 2; } message UpdateRegistrationEntryRequest { diff --git a/test/fakes/fakedatastore/fakedatastore.go b/test/fakes/fakedatastore/fakedatastore.go index 1aa265c5e3..4dcb233ed6 100644 --- a/test/fakes/fakedatastore/fakedatastore.go +++ b/test/fakes/fakedatastore/fakedatastore.go @@ -400,11 +400,53 @@ func (s *DataStore) ListRegistrationEntries(ctx context.Context, } util.SortRegistrationEntries(entries) + p := req.Pagination + // in case pagination is defined and page size greater than zero apply pagination + if p != nil && p.PageSize > 0 { + // as default start in first position + init := 0 + + // If token is defined set index of initial element + if p.Token != "" { + init = indexOf(p.Token, entries) + 1 + } + + // set end as initial element + page size, if end is greater to entries size use length as end + length := len(entries) + end := init + int(p.PageSize) + if end > length { + end = length + } + + // create a new array with paged entries + pagedEntries := entries[init:end] + if len(pagedEntries) > 0 { + lastIndex := len(pagedEntries) - 1 + // change token to latests element entryId + p.Token = pagedEntries[lastIndex].EntryId + + } + return &datastore.ListRegistrationEntriesResponse{ + Entries: pagedEntries, + Pagination: p, + }, nil + } + return &datastore.ListRegistrationEntriesResponse{ - Entries: entries, + Entries: entries, + Pagination: p, }, nil } +func indexOf(element string, entries []*common.RegistrationEntry) int { + for k, e := range entries { + if element == e.EntryId { + return k + } + } + return -1 +} + func (s DataStore) UpdateRegistrationEntry(ctx context.Context, req *datastore.UpdateRegistrationEntryRequest) (*datastore.UpdateRegistrationEntryResponse, error) {