diff --git a/api/gen/proto/go/teleport/machineid/v1/bot_instance.pb.go b/api/gen/proto/go/teleport/machineid/v1/bot_instance.pb.go index 35de192ff3ec7..602d027a97abf 100644 --- a/api/gen/proto/go/teleport/machineid/v1/bot_instance.pb.go +++ b/api/gen/proto/go/teleport/machineid/v1/bot_instance.pb.go @@ -22,6 +22,7 @@ package machineidv1 import ( v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1" + v11 "github.com/gravitational/teleport/api/gen/proto/go/teleport/workloadidentity/v1" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" durationpb "google.golang.org/protobuf/types/known/durationpb" @@ -345,6 +346,10 @@ type BotInstanceStatusAuthentication struct { // encoded public key. This provides consistency and supports multiple types // of public key algorithm. PublicKey []byte `protobuf:"bytes,6,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` + // The attributes generated during the join process. Typically, this is + // information from the join attestation process itself. This field will + // eventually replace the `metadata` field, which is structureless. + JoinAttrs *v11.JoinAttrs `protobuf:"bytes,8,opt,name=join_attrs,json=joinAttrs,proto3" json:"join_attrs,omitempty"` } func (x *BotInstanceStatusAuthentication) Reset() { @@ -421,6 +426,13 @@ func (x *BotInstanceStatusAuthentication) GetPublicKey() []byte { return nil } +func (x *BotInstanceStatusAuthentication) GetJoinAttrs() *v11.JoinAttrs { + if x != nil { + return x.JoinAttrs + } + return nil +} + // BotInstanceStatus holds the status of a BotInstance. type BotInstanceStatus struct { state protoimpl.MessageState @@ -512,103 +524,110 @@ var file_teleport_machineid_v1_bot_instance_proto_rawDesc = []byte{ 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x22, 0x8e, 0x02, 0x0a, 0x0b, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, - 0x6e, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x75, 0x62, 0x5f, 0x6b, - 0x69, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x4b, 0x69, - 0x6e, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x08, - 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, - 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, - 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, - 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3a, 0x0a, 0x04, 0x73, 0x70, 0x65, 0x63, 0x18, 0x05, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, - 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, - 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x70, 0x65, 0x63, 0x52, 0x04, 0x73, 0x70, - 0x65, 0x63, 0x12, 0x40, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x06, 0x20, 0x01, - 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, 0x61, - 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, 0x6e, - 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x22, 0x58, 0x0a, 0x0f, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, - 0x6e, 0x63, 0x65, 0x53, 0x70, 0x65, 0x63, 0x12, 0x19, 0x0a, 0x08, 0x62, 0x6f, 0x74, 0x5f, 0x6e, - 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x62, 0x6f, 0x74, 0x4e, 0x61, - 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x69, - 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, - 0x65, 0x49, 0x64, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x03, 0x74, 0x74, 0x6c, 0x22, 0xd1, - 0x02, 0x0a, 0x1a, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x48, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x12, 0x3b, 0x0a, - 0x0b, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, - 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x73, - 0x5f, 0x73, 0x74, 0x61, 0x72, 0x74, 0x75, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, - 0x69, 0x73, 0x53, 0x74, 0x61, 0x72, 0x74, 0x75, 0x70, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, - 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, - 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, - 0x31, 0x0a, 0x06, 0x75, 0x70, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, - 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06, 0x75, 0x70, 0x74, 0x69, - 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, - 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, - 0x68, 0x6f, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x6f, 0x6e, 0x65, 0x5f, 0x73, 0x68, 0x6f, 0x74, 0x18, - 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x6f, 0x6e, 0x65, 0x53, 0x68, 0x6f, 0x74, 0x12, 0x22, - 0x0a, 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, 0x75, 0x72, 0x65, 0x18, 0x08, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, 0x75, - 0x72, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x6f, 0x73, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, - 0x6f, 0x73, 0x22, 0xaf, 0x02, 0x0a, 0x1f, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, - 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, - 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x45, 0x0a, 0x10, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, - 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, 0x61, 0x75, - 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1f, 0x0a, - 0x0b, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x1d, - 0x0a, 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x09, 0x6a, 0x6f, 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x33, 0x0a, - 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, - 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, - 0x74, 0x61, 0x12, 0x1e, 0x0a, 0x0a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x18, 0x05, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, - 0x18, 0x06, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, - 0x79, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x52, 0x0b, 0x66, 0x69, 0x6e, 0x67, 0x65, 0x72, 0x70, - 0x72, 0x69, 0x6e, 0x74, 0x22, 0xb1, 0x03, 0x0a, 0x11, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, - 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x6d, 0x0a, 0x16, 0x69, 0x6e, - 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x74, 0x65, 0x6c, + 0x6f, 0x74, 0x6f, 0x1a, 0x2d, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x77, 0x6f, + 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, 0x76, + 0x31, 0x2f, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x22, 0x8e, 0x02, 0x0a, 0x0b, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, + 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x75, 0x62, 0x5f, 0x6b, 0x69, + 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x4b, 0x69, 0x6e, + 0x64, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x08, 0x6d, + 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, + 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, + 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3a, 0x0a, 0x04, 0x73, 0x70, 0x65, 0x63, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, + 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, + 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x70, 0x65, 0x63, 0x52, 0x04, 0x73, 0x70, 0x65, + 0x63, 0x12, 0x40, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x28, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, 0x61, 0x63, + 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, + 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x22, 0x58, 0x0a, 0x0f, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, + 0x63, 0x65, 0x53, 0x70, 0x65, 0x63, 0x12, 0x19, 0x0a, 0x08, 0x62, 0x6f, 0x74, 0x5f, 0x6e, 0x61, + 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x62, 0x6f, 0x74, 0x4e, 0x61, 0x6d, + 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x69, 0x64, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, + 0x49, 0x64, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x03, 0x74, 0x74, 0x6c, 0x22, 0xd1, 0x02, + 0x0a, 0x1a, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x48, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x12, 0x3b, 0x0a, 0x0b, + 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x72, + 0x65, 0x63, 0x6f, 0x72, 0x64, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x73, 0x5f, + 0x73, 0x74, 0x61, 0x72, 0x74, 0x75, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x69, + 0x73, 0x53, 0x74, 0x61, 0x72, 0x74, 0x75, 0x70, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, + 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, + 0x6f, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x31, + 0x0a, 0x06, 0x75, 0x70, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06, 0x75, 0x70, 0x74, 0x69, 0x6d, + 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, + 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x6f, 0x6e, 0x65, 0x5f, 0x73, 0x68, 0x6f, 0x74, 0x18, 0x07, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x6f, 0x6e, 0x65, 0x53, 0x68, 0x6f, 0x74, 0x12, 0x22, 0x0a, + 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, 0x75, 0x72, 0x65, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, 0x75, 0x72, + 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x6f, 0x73, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x6f, + 0x73, 0x22, 0xf7, 0x02, 0x0a, 0x1f, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, + 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x45, 0x0a, 0x10, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, + 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, 0x61, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1f, 0x0a, 0x0b, + 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x1d, 0x0a, + 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x09, 0x6a, 0x6f, 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x33, 0x0a, 0x08, + 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, + 0x61, 0x12, 0x1e, 0x0a, 0x0a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, + 0x06, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, + 0x12, 0x46, 0x0a, 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x73, 0x18, 0x08, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, + 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x52, 0x09, 0x6a, + 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x52, 0x0b, + 0x66, 0x69, 0x6e, 0x67, 0x65, 0x72, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x22, 0xb1, 0x03, 0x0a, 0x11, + 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x12, 0x6d, 0x0a, 0x16, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x61, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x36, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, 0x61, 0x63, + 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, + 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, + 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x15, 0x69, 0x6e, 0x69, 0x74, 0x69, + 0x61, 0x6c, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x12, 0x6d, 0x0a, 0x16, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, + 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x36, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, + 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, + 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x15, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x74, + 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, + 0x5e, 0x0a, 0x11, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x68, 0x65, 0x61, 0x72, 0x74, + 0x62, 0x65, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x52, 0x15, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x41, 0x75, 0x74, 0x68, 0x65, - 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x6d, 0x0a, 0x16, 0x6c, 0x61, 0x74, - 0x65, 0x73, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x74, 0x65, 0x6c, 0x65, - 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, - 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x52, 0x15, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x74, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, - 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5e, 0x0a, 0x11, 0x69, 0x6e, 0x69, 0x74, - 0x69, 0x61, 0x6c, 0x5f, 0x68, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, - 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x48, 0x65, 0x61, - 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x52, 0x10, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x48, - 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x12, 0x5e, 0x0a, 0x11, 0x6c, 0x61, 0x74, 0x65, - 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x73, 0x18, 0x04, 0x20, - 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, - 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x48, 0x65, 0x61, - 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x52, 0x10, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x74, 0x48, 0x65, - 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x73, 0x42, 0x56, 0x5a, 0x54, 0x67, 0x69, 0x74, 0x68, - 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, 0x61, 0x76, 0x69, 0x74, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x61, 0x70, - 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x74, - 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, - 0x64, 0x2f, 0x76, 0x31, 0x3b, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x76, 0x31, - 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x61, 0x74, 0x75, 0x73, 0x48, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x52, 0x10, 0x69, + 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x48, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x12, + 0x5e, 0x0a, 0x11, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x72, 0x74, 0x62, + 0x65, 0x61, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x74, 0x65, 0x6c, + 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2e, + 0x76, 0x31, 0x2e, 0x42, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x53, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x48, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x52, 0x10, 0x6c, + 0x61, 0x74, 0x65, 0x73, 0x74, 0x48, 0x65, 0x61, 0x72, 0x74, 0x62, 0x65, 0x61, 0x74, 0x73, 0x42, + 0x56, 0x5a, 0x54, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, + 0x61, 0x76, 0x69, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, + 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x6d, + 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x69, 0x64, 0x2f, 0x76, 0x31, 0x3b, 0x6d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x69, 0x64, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -634,6 +653,7 @@ var file_teleport_machineid_v1_bot_instance_proto_goTypes = []any{ (*timestamppb.Timestamp)(nil), // 6: google.protobuf.Timestamp (*durationpb.Duration)(nil), // 7: google.protobuf.Duration (*structpb.Struct)(nil), // 8: google.protobuf.Struct + (*v11.JoinAttrs)(nil), // 9: teleport.workloadidentity.v1.JoinAttrs } var file_teleport_machineid_v1_bot_instance_proto_depIdxs = []int32{ 5, // 0: teleport.machineid.v1.BotInstance.metadata:type_name -> teleport.header.v1.Metadata @@ -643,15 +663,16 @@ var file_teleport_machineid_v1_bot_instance_proto_depIdxs = []int32{ 7, // 4: teleport.machineid.v1.BotInstanceStatusHeartbeat.uptime:type_name -> google.protobuf.Duration 6, // 5: teleport.machineid.v1.BotInstanceStatusAuthentication.authenticated_at:type_name -> google.protobuf.Timestamp 8, // 6: teleport.machineid.v1.BotInstanceStatusAuthentication.metadata:type_name -> google.protobuf.Struct - 3, // 7: teleport.machineid.v1.BotInstanceStatus.initial_authentication:type_name -> teleport.machineid.v1.BotInstanceStatusAuthentication - 3, // 8: teleport.machineid.v1.BotInstanceStatus.latest_authentications:type_name -> teleport.machineid.v1.BotInstanceStatusAuthentication - 2, // 9: teleport.machineid.v1.BotInstanceStatus.initial_heartbeat:type_name -> teleport.machineid.v1.BotInstanceStatusHeartbeat - 2, // 10: teleport.machineid.v1.BotInstanceStatus.latest_heartbeats:type_name -> teleport.machineid.v1.BotInstanceStatusHeartbeat - 11, // [11:11] is the sub-list for method output_type - 11, // [11:11] is the sub-list for method input_type - 11, // [11:11] is the sub-list for extension type_name - 11, // [11:11] is the sub-list for extension extendee - 0, // [0:11] is the sub-list for field type_name + 9, // 7: teleport.machineid.v1.BotInstanceStatusAuthentication.join_attrs:type_name -> teleport.workloadidentity.v1.JoinAttrs + 3, // 8: teleport.machineid.v1.BotInstanceStatus.initial_authentication:type_name -> teleport.machineid.v1.BotInstanceStatusAuthentication + 3, // 9: teleport.machineid.v1.BotInstanceStatus.latest_authentications:type_name -> teleport.machineid.v1.BotInstanceStatusAuthentication + 2, // 10: teleport.machineid.v1.BotInstanceStatus.initial_heartbeat:type_name -> teleport.machineid.v1.BotInstanceStatusHeartbeat + 2, // 11: teleport.machineid.v1.BotInstanceStatus.latest_heartbeats:type_name -> teleport.machineid.v1.BotInstanceStatusHeartbeat + 12, // [12:12] is the sub-list for method output_type + 12, // [12:12] is the sub-list for method input_type + 12, // [12:12] is the sub-list for extension type_name + 12, // [12:12] is the sub-list for extension extendee + 0, // [0:12] is the sub-list for field type_name } func init() { file_teleport_machineid_v1_bot_instance_proto_init() } diff --git a/api/gen/proto/go/teleport/workloadidentity/v1/attrs.pb.go b/api/gen/proto/go/teleport/workloadidentity/v1/attrs.pb.go index 0f28b347cc086..e458d63ae83d0 100644 --- a/api/gen/proto/go/teleport/workloadidentity/v1/attrs.pb.go +++ b/api/gen/proto/go/teleport/workloadidentity/v1/attrs.pb.go @@ -363,6 +363,9 @@ type Attrs struct { // Attributes sourced from the user/bot making the request for a workload // identity credential. User *UserAttrs `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"` + // Attributes sourced from the join process that the Bot underwent. This will + // be unset if the principal making the request is not a Bot. + Join *JoinAttrs `protobuf:"bytes,3,opt,name=join,proto3" json:"join,omitempty"` } func (x *Attrs) Reset() { @@ -411,6 +414,13 @@ func (x *Attrs) GetUser() *UserAttrs { return nil } +func (x *Attrs) GetJoin() *JoinAttrs { + if x != nil { + return x.Join + } + return nil +} + var File_teleport_workloadidentity_v1_attrs_proto protoreflect.FileDescriptor var file_teleport_workloadidentity_v1_attrs_proto_rawDesc = []byte{ @@ -418,77 +428,84 @@ var file_teleport_workloadidentity_v1_attrs_proto_rawDesc = []byte{ 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x74, 0x74, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1c, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, - 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x22, 0xc6, 0x02, 0x0a, 0x17, 0x57, 0x6f, 0x72, - 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, - 0x65, 0x74, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x65, 0x64, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x65, 0x64, - 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x19, - 0x0a, 0x08, 0x70, 0x6f, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x07, 0x70, 0x6f, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, 0x73, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, - 0x6e, 0x74, 0x12, 0x17, 0x0a, 0x07, 0x70, 0x6f, 0x64, 0x5f, 0x75, 0x69, 0x64, 0x18, 0x05, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x6f, 0x64, 0x55, 0x69, 0x64, 0x12, 0x59, 0x0a, 0x06, 0x6c, - 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x41, 0x2e, 0x74, 0x65, - 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, - 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, - 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, - 0x65, 0x73, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, - 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x1a, 0x39, 0x0a, 0x0b, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, - 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, - 0x01, 0x22, 0x65, 0x0a, 0x11, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, - 0x72, 0x73, 0x55, 0x6e, 0x69, 0x78, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, - 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, - 0x65, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x70, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, - 0x03, 0x70, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, - 0x0d, 0x52, 0x03, 0x67, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x69, 0x64, 0x18, 0x04, 0x20, - 0x01, 0x28, 0x0d, 0x52, 0x03, 0x75, 0x69, 0x64, 0x22, 0xab, 0x01, 0x0a, 0x0d, 0x57, 0x6f, 0x72, - 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, 0x12, 0x43, 0x0a, 0x04, 0x75, 0x6e, - 0x69, 0x78, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, - 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, - 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, - 0x41, 0x74, 0x74, 0x72, 0x73, 0x55, 0x6e, 0x69, 0x78, 0x52, 0x04, 0x75, 0x6e, 0x69, 0x78, 0x12, - 0x55, 0x0a, 0x0a, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, - 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, - 0x76, 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, - 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x52, 0x0a, 0x6b, 0x75, 0x62, 0x65, - 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x22, 0x81, 0x02, 0x0a, 0x09, 0x55, 0x73, 0x65, 0x72, 0x41, - 0x74, 0x74, 0x72, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x15, 0x0a, 0x06, 0x69, 0x73, 0x5f, 0x62, - 0x6f, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x69, 0x73, 0x42, 0x6f, 0x74, 0x12, - 0x19, 0x0a, 0x08, 0x62, 0x6f, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x07, 0x62, 0x6f, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x26, 0x0a, 0x0f, 0x62, 0x6f, - 0x74, 0x5f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x0d, 0x62, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, - 0x49, 0x64, 0x12, 0x4b, 0x0a, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x05, 0x20, 0x03, - 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, + 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x1a, 0x2d, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, + 0x72, 0x74, 0x2f, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x2f, 0x76, 0x31, 0x2f, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x61, 0x74, 0x74, 0x72, + 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc6, 0x02, 0x0a, 0x17, 0x57, 0x6f, 0x72, 0x6b, + 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, + 0x74, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x65, 0x64, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x65, 0x64, 0x12, + 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x19, 0x0a, + 0x08, 0x70, 0x6f, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x07, 0x70, 0x6f, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, 0x73, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, + 0x74, 0x12, 0x17, 0x0a, 0x07, 0x70, 0x6f, 0x64, 0x5f, 0x75, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x06, 0x70, 0x6f, 0x64, 0x55, 0x69, 0x64, 0x12, 0x59, 0x0a, 0x06, 0x6c, 0x61, + 0x62, 0x65, 0x6c, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x41, 0x2e, 0x74, 0x65, 0x6c, + 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, + 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, + 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, + 0x73, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x6c, + 0x61, 0x62, 0x65, 0x6c, 0x73, 0x1a, 0x39, 0x0a, 0x0b, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, + 0x22, 0x65, 0x0a, 0x11, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, + 0x73, 0x55, 0x6e, 0x69, 0x78, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x65, + 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x65, + 0x64, 0x12, 0x10, 0x0a, 0x03, 0x70, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, + 0x70, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x67, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, + 0x52, 0x03, 0x67, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x0d, 0x52, 0x03, 0x75, 0x69, 0x64, 0x22, 0xab, 0x01, 0x0a, 0x0d, 0x57, 0x6f, 0x72, 0x6b, + 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, 0x12, 0x43, 0x0a, 0x04, 0x75, 0x6e, 0x69, + 0x78, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, + 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, + 0x74, 0x74, 0x72, 0x73, 0x55, 0x6e, 0x69, 0x78, 0x52, 0x04, 0x75, 0x6e, 0x69, 0x78, 0x12, 0x55, + 0x0a, 0x0a, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, - 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x41, 0x74, 0x74, 0x72, 0x73, 0x2e, 0x4c, 0x61, 0x62, 0x65, - 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x1a, - 0x39, 0x0a, 0x0b, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, - 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, - 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x8d, 0x01, 0x0a, 0x05, 0x41, - 0x74, 0x74, 0x72, 0x73, 0x12, 0x47, 0x0a, 0x08, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, - 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, - 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, - 0x74, 0x72, 0x73, 0x52, 0x08, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x3b, 0x0a, - 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x74, 0x65, - 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, - 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x41, - 0x74, 0x74, 0x72, 0x73, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x42, 0x64, 0x5a, 0x62, 0x67, 0x69, - 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, 0x61, 0x76, 0x69, 0x74, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, - 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, - 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, - 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, 0x76, 0x31, 0x3b, 0x77, 0x6f, - 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x76, 0x31, - 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, + 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x52, 0x0a, 0x6b, 0x75, 0x62, 0x65, 0x72, + 0x6e, 0x65, 0x74, 0x65, 0x73, 0x22, 0x81, 0x02, 0x0a, 0x09, 0x55, 0x73, 0x65, 0x72, 0x41, 0x74, + 0x74, 0x72, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x15, 0x0a, 0x06, 0x69, 0x73, 0x5f, 0x62, 0x6f, + 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x69, 0x73, 0x42, 0x6f, 0x74, 0x12, 0x19, + 0x0a, 0x08, 0x62, 0x6f, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x07, 0x62, 0x6f, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x26, 0x0a, 0x0f, 0x62, 0x6f, 0x74, + 0x5f, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x0d, 0x62, 0x6f, 0x74, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x49, + 0x64, 0x12, 0x4b, 0x0a, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x33, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, + 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x55, 0x73, 0x65, 0x72, 0x41, 0x74, 0x74, 0x72, 0x73, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, + 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x1a, 0x39, + 0x0a, 0x0b, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, + 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, + 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, + 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xca, 0x01, 0x0a, 0x05, 0x41, 0x74, + 0x74, 0x72, 0x73, 0x12, 0x47, 0x0a, 0x08, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, + 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, + 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x41, 0x74, 0x74, + 0x72, 0x73, 0x52, 0x08, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x3b, 0x0a, 0x04, + 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x74, 0x65, 0x6c, + 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, + 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x41, 0x74, + 0x74, 0x72, 0x73, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x04, 0x6a, 0x6f, 0x69, + 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, + 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, + 0x52, 0x04, 0x6a, 0x6f, 0x69, 0x6e, 0x42, 0x64, 0x5a, 0x62, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, + 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, 0x61, 0x76, 0x69, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, + 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x74, 0x65, 0x6c, + 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, + 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, 0x76, 0x31, 0x3b, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, + 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -512,6 +529,7 @@ var file_teleport_workloadidentity_v1_attrs_proto_goTypes = []any{ (*Attrs)(nil), // 4: teleport.workloadidentity.v1.Attrs nil, // 5: teleport.workloadidentity.v1.WorkloadAttrsKubernetes.LabelsEntry nil, // 6: teleport.workloadidentity.v1.UserAttrs.LabelsEntry + (*JoinAttrs)(nil), // 7: teleport.workloadidentity.v1.JoinAttrs } var file_teleport_workloadidentity_v1_attrs_proto_depIdxs = []int32{ 5, // 0: teleport.workloadidentity.v1.WorkloadAttrsKubernetes.labels:type_name -> teleport.workloadidentity.v1.WorkloadAttrsKubernetes.LabelsEntry @@ -520,11 +538,12 @@ var file_teleport_workloadidentity_v1_attrs_proto_depIdxs = []int32{ 6, // 3: teleport.workloadidentity.v1.UserAttrs.labels:type_name -> teleport.workloadidentity.v1.UserAttrs.LabelsEntry 2, // 4: teleport.workloadidentity.v1.Attrs.workload:type_name -> teleport.workloadidentity.v1.WorkloadAttrs 3, // 5: teleport.workloadidentity.v1.Attrs.user:type_name -> teleport.workloadidentity.v1.UserAttrs - 6, // [6:6] is the sub-list for method output_type - 6, // [6:6] is the sub-list for method input_type - 6, // [6:6] is the sub-list for extension type_name - 6, // [6:6] is the sub-list for extension extendee - 0, // [0:6] is the sub-list for field type_name + 7, // 6: teleport.workloadidentity.v1.Attrs.join:type_name -> teleport.workloadidentity.v1.JoinAttrs + 7, // [7:7] is the sub-list for method output_type + 7, // [7:7] is the sub-list for method input_type + 7, // [7:7] is the sub-list for extension type_name + 7, // [7:7] is the sub-list for extension extendee + 0, // [0:7] is the sub-list for field type_name } func init() { file_teleport_workloadidentity_v1_attrs_proto_init() } @@ -532,6 +551,7 @@ func file_teleport_workloadidentity_v1_attrs_proto_init() { if File_teleport_workloadidentity_v1_attrs_proto != nil { return } + file_teleport_workloadidentity_v1_join_attrs_proto_init() if !protoimpl.UnsafeEnabled { file_teleport_workloadidentity_v1_attrs_proto_msgTypes[0].Exporter = func(v any, i int) any { switch v := v.(*WorkloadAttrsKubernetes); i { diff --git a/api/gen/proto/go/teleport/workloadidentity/v1/join_attrs.pb.go b/api/gen/proto/go/teleport/workloadidentity/v1/join_attrs.pb.go new file mode 100644 index 0000000000000..467f9f431ba8c --- /dev/null +++ b/api/gen/proto/go/teleport/workloadidentity/v1/join_attrs.pb.go @@ -0,0 +1,2014 @@ +// Copyright 2025 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.34.2 +// protoc (unknown) +// source: teleport/workloadidentity/v1/join_attrs.proto + +package workloadidentityv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// The collection of attributes that result from the join process. +type JoinAttrs struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The collection of attributes that result from the join process but are not + // specific to any particular join method. + Meta *JoinAttrsMeta `protobuf:"bytes,1,opt,name=meta,proto3" json:"meta,omitempty"` + // Attributes that are specific to the GitLab (`gitlab`) join method. + Gitlab *JoinAttrsGitLab `protobuf:"bytes,2,opt,name=gitlab,proto3" json:"gitlab,omitempty"` + // Attributes that are specific to the GitHub (`github`) join method. + Github *JoinAttrsGitHub `protobuf:"bytes,3,opt,name=github,proto3" json:"github,omitempty"` + // Attributes that are specific to the AWS IAM (`iam`) join method. + Iam *JoinAttrsAWSIAM `protobuf:"bytes,4,opt,name=iam,proto3" json:"iam,omitempty"` + // Attributes that are specific to the TPM (`tpm`) join method. + Tpm *JoinAttrsTPM `protobuf:"bytes,5,opt,name=tpm,proto3" json:"tpm,omitempty"` + // Attributes that are specific to the Azure (`azure`) join method. + Azure *JoinAttrsAzure `protobuf:"bytes,6,opt,name=azure,proto3" json:"azure,omitempty"` + // Attributes that are specific to the CircleCI (`circleci`) join method. + Circleci *JoinAttrsCircleCI `protobuf:"bytes,7,opt,name=circleci,proto3" json:"circleci,omitempty"` + // Attributes that are specific to the Bitbucket (`bitbucket`) join method. + Bitbucket *JoinAttrsBitbucket `protobuf:"bytes,8,opt,name=bitbucket,proto3" json:"bitbucket,omitempty"` + // Attributes that are specific to the Terraform Cloud (`terraform_cloud`) join method. + TerraformCloud *JoinAttrsTerraformCloud `protobuf:"bytes,9,opt,name=terraform_cloud,json=terraformCloud,proto3" json:"terraform_cloud,omitempty"` + // Attributes that are specific to the Spacelift (`spacelift`) join method. + Spacelift *JoinAttrsSpacelift `protobuf:"bytes,10,opt,name=spacelift,proto3" json:"spacelift,omitempty"` + // Attributes that are specific to the GCP (`gcp`) join method. + Gcp *JoinAttrsGCP `protobuf:"bytes,11,opt,name=gcp,proto3" json:"gcp,omitempty"` + // Attributes that are specific to the Kubernetes (`kubernetes`) join method. + Kubernetes *JoinAttrsKubernetes `protobuf:"bytes,12,opt,name=kubernetes,proto3" json:"kubernetes,omitempty"` +} + +func (x *JoinAttrs) Reset() { + *x = JoinAttrs{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrs) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrs) ProtoMessage() {} + +func (x *JoinAttrs) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrs.ProtoReflect.Descriptor instead. +func (*JoinAttrs) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{0} +} + +func (x *JoinAttrs) GetMeta() *JoinAttrsMeta { + if x != nil { + return x.Meta + } + return nil +} + +func (x *JoinAttrs) GetGitlab() *JoinAttrsGitLab { + if x != nil { + return x.Gitlab + } + return nil +} + +func (x *JoinAttrs) GetGithub() *JoinAttrsGitHub { + if x != nil { + return x.Github + } + return nil +} + +func (x *JoinAttrs) GetIam() *JoinAttrsAWSIAM { + if x != nil { + return x.Iam + } + return nil +} + +func (x *JoinAttrs) GetTpm() *JoinAttrsTPM { + if x != nil { + return x.Tpm + } + return nil +} + +func (x *JoinAttrs) GetAzure() *JoinAttrsAzure { + if x != nil { + return x.Azure + } + return nil +} + +func (x *JoinAttrs) GetCircleci() *JoinAttrsCircleCI { + if x != nil { + return x.Circleci + } + return nil +} + +func (x *JoinAttrs) GetBitbucket() *JoinAttrsBitbucket { + if x != nil { + return x.Bitbucket + } + return nil +} + +func (x *JoinAttrs) GetTerraformCloud() *JoinAttrsTerraformCloud { + if x != nil { + return x.TerraformCloud + } + return nil +} + +func (x *JoinAttrs) GetSpacelift() *JoinAttrsSpacelift { + if x != nil { + return x.Spacelift + } + return nil +} + +func (x *JoinAttrs) GetGcp() *JoinAttrsGCP { + if x != nil { + return x.Gcp + } + return nil +} + +func (x *JoinAttrs) GetKubernetes() *JoinAttrsKubernetes { + if x != nil { + return x.Kubernetes + } + return nil +} + +// The collection of attributes that result from the join process but are not +// specific to any particular join method. +type JoinAttrsMeta struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The name of the join token that was used to join. + // + // This field is omitted if the join token that was used to join was of the + // `token` method as in this case, the name of the join token is sensitive. + // + // Example: `my-gitlab-join-token` + JoinTokenName string `protobuf:"bytes,1,opt,name=join_token_name,json=joinTokenName,proto3" json:"join_token_name,omitempty"` + // The name of the join method that was used to join. + // + // Example: `gitlab` + JoinMethod string `protobuf:"bytes,2,opt,name=join_method,json=joinMethod,proto3" json:"join_method,omitempty"` +} + +func (x *JoinAttrsMeta) Reset() { + *x = JoinAttrsMeta{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsMeta) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsMeta) ProtoMessage() {} + +func (x *JoinAttrsMeta) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsMeta.ProtoReflect.Descriptor instead. +func (*JoinAttrsMeta) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{1} +} + +func (x *JoinAttrsMeta) GetJoinTokenName() string { + if x != nil { + return x.JoinTokenName + } + return "" +} + +func (x *JoinAttrsMeta) GetJoinMethod() string { + if x != nil { + return x.JoinMethod + } + return "" +} + +// Attributes that are specific to the GitLab join method. +// +// Typically, these are mapped directly from the claims of the GitLab JWT that +// was used to join. You can view the documentation for those claims at: +// https://docs.gitlab.com/ee/ci/secrets/id_token_authentication.html#token-payload +type JoinAttrsGitLab struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The `sub` claim of the GitLab JWT that was used to join. + // For example: `project_path:mygroup/my-project:ref_type:branch:ref:main` + Sub string `protobuf:"bytes,1,opt,name=sub,proto3" json:"sub,omitempty"` + // The ref that the pipeline is running against. + // For example: `main` + Ref string `protobuf:"bytes,2,opt,name=ref,proto3" json:"ref,omitempty"` + // The type of ref that the pipeline is running against. + // This is typically `branch` or `tag`. + RefType string `protobuf:"bytes,3,opt,name=ref_type,json=refType,proto3" json:"ref_type,omitempty"` + // Whether or not the ref that the pipeline is running against is protected. + RefProtected bool `protobuf:"varint,4,opt,name=ref_protected,json=refProtected,proto3" json:"ref_protected,omitempty"` + // The path of the namespace of the project that the pipeline is running within. + // For example: `mygroup` + NamespacePath string `protobuf:"bytes,5,opt,name=namespace_path,json=namespacePath,proto3" json:"namespace_path,omitempty"` + // The full qualified path of the project that the pipeline is running within. + // This includes the namespace path. + // For example: `mygroup/my-project` + ProjectPath string `protobuf:"bytes,6,opt,name=project_path,json=projectPath,proto3" json:"project_path,omitempty"` + // The name of the user that triggered the pipeline run. + UserLogin string `protobuf:"bytes,7,opt,name=user_login,json=userLogin,proto3" json:"user_login,omitempty"` + // The email of the user that triggered the pipeline run. + UserEmail string `protobuf:"bytes,8,opt,name=user_email,json=userEmail,proto3" json:"user_email,omitempty"` + // The ID of the pipeline. + PipelineId string `protobuf:"bytes,9,opt,name=pipeline_id,json=pipelineId,proto3" json:"pipeline_id,omitempty"` + // The source of the pipeline. + // For example: `push` or `web` + PipelineSource string `protobuf:"bytes,10,opt,name=pipeline_source,json=pipelineSource,proto3" json:"pipeline_source,omitempty"` + // The environment the pipeline is running against, if any. + Environment string `protobuf:"bytes,11,opt,name=environment,proto3" json:"environment,omitempty"` + // Whether or not the pipeline is running against a protected environment. + // If there is no configured environment, this field is false. + EnvironmentProtected bool `protobuf:"varint,12,opt,name=environment_protected,json=environmentProtected,proto3" json:"environment_protected,omitempty"` + // The ID of the runner that this pipeline is running on. + RunnerId int64 `protobuf:"varint,13,opt,name=runner_id,json=runnerId,proto3" json:"runner_id,omitempty"` + // The type of runner that is processing the pipeline. + // Either `gitlab-hosted` or `self-hosted`. + RunnerEnvironment string `protobuf:"bytes,14,opt,name=runner_environment,json=runnerEnvironment,proto3" json:"runner_environment,omitempty"` + // The SHA of the commit that triggered the pipeline run. + Sha string `protobuf:"bytes,15,opt,name=sha,proto3" json:"sha,omitempty"` + // The ref URI of the CI config configuring the pipeline. + CiConfigRefUri string `protobuf:"bytes,16,opt,name=ci_config_ref_uri,json=ciConfigRefUri,proto3" json:"ci_config_ref_uri,omitempty"` + // The Git SHA of the CI config ref configuring the pipeline. + CiConfigSha string `protobuf:"bytes,17,opt,name=ci_config_sha,json=ciConfigSha,proto3" json:"ci_config_sha,omitempty"` +} + +func (x *JoinAttrsGitLab) Reset() { + *x = JoinAttrsGitLab{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsGitLab) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsGitLab) ProtoMessage() {} + +func (x *JoinAttrsGitLab) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsGitLab.ProtoReflect.Descriptor instead. +func (*JoinAttrsGitLab) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{2} +} + +func (x *JoinAttrsGitLab) GetSub() string { + if x != nil { + return x.Sub + } + return "" +} + +func (x *JoinAttrsGitLab) GetRef() string { + if x != nil { + return x.Ref + } + return "" +} + +func (x *JoinAttrsGitLab) GetRefType() string { + if x != nil { + return x.RefType + } + return "" +} + +func (x *JoinAttrsGitLab) GetRefProtected() bool { + if x != nil { + return x.RefProtected + } + return false +} + +func (x *JoinAttrsGitLab) GetNamespacePath() string { + if x != nil { + return x.NamespacePath + } + return "" +} + +func (x *JoinAttrsGitLab) GetProjectPath() string { + if x != nil { + return x.ProjectPath + } + return "" +} + +func (x *JoinAttrsGitLab) GetUserLogin() string { + if x != nil { + return x.UserLogin + } + return "" +} + +func (x *JoinAttrsGitLab) GetUserEmail() string { + if x != nil { + return x.UserEmail + } + return "" +} + +func (x *JoinAttrsGitLab) GetPipelineId() string { + if x != nil { + return x.PipelineId + } + return "" +} + +func (x *JoinAttrsGitLab) GetPipelineSource() string { + if x != nil { + return x.PipelineSource + } + return "" +} + +func (x *JoinAttrsGitLab) GetEnvironment() string { + if x != nil { + return x.Environment + } + return "" +} + +func (x *JoinAttrsGitLab) GetEnvironmentProtected() bool { + if x != nil { + return x.EnvironmentProtected + } + return false +} + +func (x *JoinAttrsGitLab) GetRunnerId() int64 { + if x != nil { + return x.RunnerId + } + return 0 +} + +func (x *JoinAttrsGitLab) GetRunnerEnvironment() string { + if x != nil { + return x.RunnerEnvironment + } + return "" +} + +func (x *JoinAttrsGitLab) GetSha() string { + if x != nil { + return x.Sha + } + return "" +} + +func (x *JoinAttrsGitLab) GetCiConfigRefUri() string { + if x != nil { + return x.CiConfigRefUri + } + return "" +} + +func (x *JoinAttrsGitLab) GetCiConfigSha() string { + if x != nil { + return x.CiConfigSha + } + return "" +} + +// Attributes that are specific to the GitHub (`github`) join method. +// +// Typically, these are mapped directly from the claims of the GitHub JWT that +// was used to join. You can view the documentation for those claims at: +// https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token +type JoinAttrsGitHub struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The `sub` claim of the GitHub JWT that was used to join. + Sub string `protobuf:"bytes,1,opt,name=sub,proto3" json:"sub,omitempty"` + // The username of the actor that initiated the workflow run. + Actor string `protobuf:"bytes,2,opt,name=actor,proto3" json:"actor,omitempty"` + // The name of the environment that the workflow is running against, if any. + Environment string `protobuf:"bytes,3,opt,name=environment,proto3" json:"environment,omitempty"` + // The ref that the workflow is running against. + Ref string `protobuf:"bytes,4,opt,name=ref,proto3" json:"ref,omitempty"` + // The type of ref that the workflow is running against. + // For example, `branch`. + RefType string `protobuf:"bytes,5,opt,name=ref_type,json=refType,proto3" json:"ref_type,omitempty"` + // The name of the repository that the workflow is running within. + Repository string `protobuf:"bytes,6,opt,name=repository,proto3" json:"repository,omitempty"` + // The name of the owner of the repository that the workflow is running within. + RepositoryOwner string `protobuf:"bytes,7,opt,name=repository_owner,json=repositoryOwner,proto3" json:"repository_owner,omitempty"` + // The name of the workflow that is running. + Workflow string `protobuf:"bytes,8,opt,name=workflow,proto3" json:"workflow,omitempty"` + // The name of the event that triggered the workflow run. + EventName string `protobuf:"bytes,9,opt,name=event_name,json=eventName,proto3" json:"event_name,omitempty"` + // The SHA of the commit that triggered the workflow run. + Sha string `protobuf:"bytes,10,opt,name=sha,proto3" json:"sha,omitempty"` + // The ID of this GitHub actions workflow run. + RunId string `protobuf:"bytes,11,opt,name=run_id,json=runId,proto3" json:"run_id,omitempty"` +} + +func (x *JoinAttrsGitHub) Reset() { + *x = JoinAttrsGitHub{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsGitHub) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsGitHub) ProtoMessage() {} + +func (x *JoinAttrsGitHub) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsGitHub.ProtoReflect.Descriptor instead. +func (*JoinAttrsGitHub) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{3} +} + +func (x *JoinAttrsGitHub) GetSub() string { + if x != nil { + return x.Sub + } + return "" +} + +func (x *JoinAttrsGitHub) GetActor() string { + if x != nil { + return x.Actor + } + return "" +} + +func (x *JoinAttrsGitHub) GetEnvironment() string { + if x != nil { + return x.Environment + } + return "" +} + +func (x *JoinAttrsGitHub) GetRef() string { + if x != nil { + return x.Ref + } + return "" +} + +func (x *JoinAttrsGitHub) GetRefType() string { + if x != nil { + return x.RefType + } + return "" +} + +func (x *JoinAttrsGitHub) GetRepository() string { + if x != nil { + return x.Repository + } + return "" +} + +func (x *JoinAttrsGitHub) GetRepositoryOwner() string { + if x != nil { + return x.RepositoryOwner + } + return "" +} + +func (x *JoinAttrsGitHub) GetWorkflow() string { + if x != nil { + return x.Workflow + } + return "" +} + +func (x *JoinAttrsGitHub) GetEventName() string { + if x != nil { + return x.EventName + } + return "" +} + +func (x *JoinAttrsGitHub) GetSha() string { + if x != nil { + return x.Sha + } + return "" +} + +func (x *JoinAttrsGitHub) GetRunId() string { + if x != nil { + return x.RunId + } + return "" +} + +// Attributes that are specific to the AWS IAM (`iam`) join method. +// +// Typically, these are mapped directly from the results of the +// STS GetCallerIdentity call that is made as part of the join process. +type JoinAttrsAWSIAM struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The identifier of the account that the joining entity is a part of. + // For example: `123456789012` + Account string `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"` + // The AWS ARN of the joining entity. + // For example: `arn:aws:sts::123456789012:assumed-role/my-role-name/my-role-session-name` + Arn string `protobuf:"bytes,2,opt,name=arn,proto3" json:"arn,omitempty"` +} + +func (x *JoinAttrsAWSIAM) Reset() { + *x = JoinAttrsAWSIAM{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsAWSIAM) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsAWSIAM) ProtoMessage() {} + +func (x *JoinAttrsAWSIAM) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsAWSIAM.ProtoReflect.Descriptor instead. +func (*JoinAttrsAWSIAM) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{4} +} + +func (x *JoinAttrsAWSIAM) GetAccount() string { + if x != nil { + return x.Account + } + return "" +} + +func (x *JoinAttrsAWSIAM) GetArn() string { + if x != nil { + return x.Arn + } + return "" +} + +// Attributes that are specific to the TPM (`tpm`) join method. +type JoinAttrsTPM struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The SHA256 hash of the PKIX formatted EK public key, encoded in hex. + // This effectively identifies a specific TPM. + EkPubHash string `protobuf:"bytes,1,opt,name=ek_pub_hash,json=ekPubHash,proto3" json:"ek_pub_hash,omitempty"` + // The serial number of the EK certificate, if present. + EkCertSerial string `protobuf:"bytes,2,opt,name=ek_cert_serial,json=ekCertSerial,proto3" json:"ek_cert_serial,omitempty"` + // Whether or not the EK certificate was verified against a certificate + // authority. + EkCertVerified bool `protobuf:"varint,3,opt,name=ek_cert_verified,json=ekCertVerified,proto3" json:"ek_cert_verified,omitempty"` +} + +func (x *JoinAttrsTPM) Reset() { + *x = JoinAttrsTPM{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsTPM) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsTPM) ProtoMessage() {} + +func (x *JoinAttrsTPM) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsTPM.ProtoReflect.Descriptor instead. +func (*JoinAttrsTPM) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{5} +} + +func (x *JoinAttrsTPM) GetEkPubHash() string { + if x != nil { + return x.EkPubHash + } + return "" +} + +func (x *JoinAttrsTPM) GetEkCertSerial() string { + if x != nil { + return x.EkCertSerial + } + return "" +} + +func (x *JoinAttrsTPM) GetEkCertVerified() bool { + if x != nil { + return x.EkCertVerified + } + return false +} + +// Attributes that are specific to the Azure (`azure`) join method. +type JoinAttrsAzure struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The subscription ID of the Azure account that the joining entity is a part of. + Subscription string `protobuf:"bytes,1,opt,name=subscription,proto3" json:"subscription,omitempty"` + // The resource group of the Azure account that the joining entity is a part of. + ResourceGroup string `protobuf:"bytes,2,opt,name=resource_group,json=resourceGroup,proto3" json:"resource_group,omitempty"` +} + +func (x *JoinAttrsAzure) Reset() { + *x = JoinAttrsAzure{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsAzure) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsAzure) ProtoMessage() {} + +func (x *JoinAttrsAzure) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsAzure.ProtoReflect.Descriptor instead. +func (*JoinAttrsAzure) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{6} +} + +func (x *JoinAttrsAzure) GetSubscription() string { + if x != nil { + return x.Subscription + } + return "" +} + +func (x *JoinAttrsAzure) GetResourceGroup() string { + if x != nil { + return x.ResourceGroup + } + return "" +} + +// Attributes that are specific to the CircleCI (`circleci`) join method. +// These are mapped from the claims of the JWT issued by CircleCI to runs, +// which is documented at: https://circleci.com/docs/openid-connect-tokens/ +type JoinAttrsCircleCI struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The `sub` claim of the CircleCI JWT that was used to join. + // For example: `org/ORGANIZATION_ID/project/PROJECT_ID/user/USER_ID` + Sub string `protobuf:"bytes,1,opt,name=sub,proto3" json:"sub,omitempty"` + // The UUIDs of the contexts used in the job. + ContextIds []string `protobuf:"bytes,2,rep,name=context_ids,json=contextIds,proto3" json:"context_ids,omitempty"` + // The UUID of the project in which the job is running. + ProjectId string `protobuf:"bytes,3,opt,name=project_id,json=projectId,proto3" json:"project_id,omitempty"` +} + +func (x *JoinAttrsCircleCI) Reset() { + *x = JoinAttrsCircleCI{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsCircleCI) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsCircleCI) ProtoMessage() {} + +func (x *JoinAttrsCircleCI) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsCircleCI.ProtoReflect.Descriptor instead. +func (*JoinAttrsCircleCI) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{7} +} + +func (x *JoinAttrsCircleCI) GetSub() string { + if x != nil { + return x.Sub + } + return "" +} + +func (x *JoinAttrsCircleCI) GetContextIds() []string { + if x != nil { + return x.ContextIds + } + return nil +} + +func (x *JoinAttrsCircleCI) GetProjectId() string { + if x != nil { + return x.ProjectId + } + return "" +} + +// Attributes that are specific to the Bitbucket (`bitbucket`) join method. +// These are mapped from the claims of the JWT issued by BitBucket to runs, +// which is documented at: https://support.atlassian.com/bitbucket-cloud/docs/integrate-pipelines-with-resource-servers-using-oidc/ +type JoinAttrsBitbucket struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The `sub` claim of the Bitbucket JWT that was used to join. + Sub string `protobuf:"bytes,1,opt,name=sub,proto3" json:"sub,omitempty"` + // The UUID of the pipeline step. + StepUuid string `protobuf:"bytes,2,opt,name=step_uuid,json=stepUuid,proto3" json:"step_uuid,omitempty"` + // The UUID of the repository the pipeline step is running within. + RepositoryUuid string `protobuf:"bytes,3,opt,name=repository_uuid,json=repositoryUuid,proto3" json:"repository_uuid,omitempty"` + // The UUID of the pipeline the step is running within. + PipelineUuid string `protobuf:"bytes,4,opt,name=pipeline_uuid,json=pipelineUuid,proto3" json:"pipeline_uuid,omitempty"` + // The UUID of the workspace the pipeline belongs to. + WorkspaceUuid string `protobuf:"bytes,5,opt,name=workspace_uuid,json=workspaceUuid,proto3" json:"workspace_uuid,omitempty"` + // The UUID of the deployment environment the pipeline is running against. + DeploymentEnvironmentUuid string `protobuf:"bytes,6,opt,name=deployment_environment_uuid,json=deploymentEnvironmentUuid,proto3" json:"deployment_environment_uuid,omitempty"` + // The name of the branch the pipeline is running against. + BranchName string `protobuf:"bytes,7,opt,name=branch_name,json=branchName,proto3" json:"branch_name,omitempty"` +} + +func (x *JoinAttrsBitbucket) Reset() { + *x = JoinAttrsBitbucket{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsBitbucket) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsBitbucket) ProtoMessage() {} + +func (x *JoinAttrsBitbucket) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsBitbucket.ProtoReflect.Descriptor instead. +func (*JoinAttrsBitbucket) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{8} +} + +func (x *JoinAttrsBitbucket) GetSub() string { + if x != nil { + return x.Sub + } + return "" +} + +func (x *JoinAttrsBitbucket) GetStepUuid() string { + if x != nil { + return x.StepUuid + } + return "" +} + +func (x *JoinAttrsBitbucket) GetRepositoryUuid() string { + if x != nil { + return x.RepositoryUuid + } + return "" +} + +func (x *JoinAttrsBitbucket) GetPipelineUuid() string { + if x != nil { + return x.PipelineUuid + } + return "" +} + +func (x *JoinAttrsBitbucket) GetWorkspaceUuid() string { + if x != nil { + return x.WorkspaceUuid + } + return "" +} + +func (x *JoinAttrsBitbucket) GetDeploymentEnvironmentUuid() string { + if x != nil { + return x.DeploymentEnvironmentUuid + } + return "" +} + +func (x *JoinAttrsBitbucket) GetBranchName() string { + if x != nil { + return x.BranchName + } + return "" +} + +// Attributes that are specific to the Terraform Cloud (`terraform_cloud`) join method. +// These are mapped from the claims of the JWT issued by Terraform Cloud to runs, +// which is documented at: https://developer.hashicorp.com/terraform/enterprise/workspaces/dynamic-provider-credentials/workload-identity-tokens +type JoinAttrsTerraformCloud struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The `sub` claim of the Terraform Cloud JWT that was used to join. + Sub string `protobuf:"bytes,1,opt,name=sub,proto3" json:"sub,omitempty"` + // The name of the organization the project and workspace belong to. + OrganizationName string `protobuf:"bytes,2,opt,name=organization_name,json=organizationName,proto3" json:"organization_name,omitempty"` + // The name of the project the workspace belongs to. + ProjectName string `protobuf:"bytes,3,opt,name=project_name,json=projectName,proto3" json:"project_name,omitempty"` + // The name of the workspace that the plan/apply is running within. + WorkspaceName string `protobuf:"bytes,4,opt,name=workspace_name,json=workspaceName,proto3" json:"workspace_name,omitempty"` + // The fully qualified workspace path, including the organization and project + // name. + // For example: `organization::project::workspace:` + FullWorkspace string `protobuf:"bytes,5,opt,name=full_workspace,json=fullWorkspace,proto3" json:"full_workspace,omitempty"` + // The ID of the run that is being executed. + RunId string `protobuf:"bytes,6,opt,name=run_id,json=runId,proto3" json:"run_id,omitempty"` + // The phase of the run that is being executed, either `plan` or `apply`. + RunPhase string `protobuf:"bytes,7,opt,name=run_phase,json=runPhase,proto3" json:"run_phase,omitempty"` +} + +func (x *JoinAttrsTerraformCloud) Reset() { + *x = JoinAttrsTerraformCloud{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsTerraformCloud) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsTerraformCloud) ProtoMessage() {} + +func (x *JoinAttrsTerraformCloud) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[9] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsTerraformCloud.ProtoReflect.Descriptor instead. +func (*JoinAttrsTerraformCloud) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{9} +} + +func (x *JoinAttrsTerraformCloud) GetSub() string { + if x != nil { + return x.Sub + } + return "" +} + +func (x *JoinAttrsTerraformCloud) GetOrganizationName() string { + if x != nil { + return x.OrganizationName + } + return "" +} + +func (x *JoinAttrsTerraformCloud) GetProjectName() string { + if x != nil { + return x.ProjectName + } + return "" +} + +func (x *JoinAttrsTerraformCloud) GetWorkspaceName() string { + if x != nil { + return x.WorkspaceName + } + return "" +} + +func (x *JoinAttrsTerraformCloud) GetFullWorkspace() string { + if x != nil { + return x.FullWorkspace + } + return "" +} + +func (x *JoinAttrsTerraformCloud) GetRunId() string { + if x != nil { + return x.RunId + } + return "" +} + +func (x *JoinAttrsTerraformCloud) GetRunPhase() string { + if x != nil { + return x.RunPhase + } + return "" +} + +// Attributes that are specific to the Spacelift (`spacelift`) join method. +// These are mapped from the claims of the JWT issued by Spacelift to runs, +// which is documented at: https://docs.spacelift.io/integrations/cloud-providers/oidc/#standard-claims +type JoinAttrsSpacelift struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The `sub` claim of the Spacelift JWT that was used to join. + Sub string `protobuf:"bytes,1,opt,name=sub,proto3" json:"sub,omitempty"` + // The ID of the space in which the run is executing. + SpaceId string `protobuf:"bytes,2,opt,name=space_id,json=spaceId,proto3" json:"space_id,omitempty"` + // The type of the caller that owns the run, either `stack` or `module`. + CallerType string `protobuf:"bytes,3,opt,name=caller_type,json=callerType,proto3" json:"caller_type,omitempty"` + // The ID of the caller that generated the run. + CallerId string `protobuf:"bytes,4,opt,name=caller_id,json=callerId,proto3" json:"caller_id,omitempty"` + // The type of the run, either `PROPOSED`, `TRACKED`, `TASK`, `TESTING` or `DESTROY`. + RunType string `protobuf:"bytes,5,opt,name=run_type,json=runType,proto3" json:"run_type,omitempty"` + // The ID of the run. + RunId string `protobuf:"bytes,6,opt,name=run_id,json=runId,proto3" json:"run_id,omitempty"` + // The configured scope of the token, either `read` or `write`. + Scope string `protobuf:"bytes,7,opt,name=scope,proto3" json:"scope,omitempty"` +} + +func (x *JoinAttrsSpacelift) Reset() { + *x = JoinAttrsSpacelift{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsSpacelift) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsSpacelift) ProtoMessage() {} + +func (x *JoinAttrsSpacelift) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[10] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsSpacelift.ProtoReflect.Descriptor instead. +func (*JoinAttrsSpacelift) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{10} +} + +func (x *JoinAttrsSpacelift) GetSub() string { + if x != nil { + return x.Sub + } + return "" +} + +func (x *JoinAttrsSpacelift) GetSpaceId() string { + if x != nil { + return x.SpaceId + } + return "" +} + +func (x *JoinAttrsSpacelift) GetCallerType() string { + if x != nil { + return x.CallerType + } + return "" +} + +func (x *JoinAttrsSpacelift) GetCallerId() string { + if x != nil { + return x.CallerId + } + return "" +} + +func (x *JoinAttrsSpacelift) GetRunType() string { + if x != nil { + return x.RunType + } + return "" +} + +func (x *JoinAttrsSpacelift) GetRunId() string { + if x != nil { + return x.RunId + } + return "" +} + +func (x *JoinAttrsSpacelift) GetScope() string { + if x != nil { + return x.Scope + } + return "" +} + +// Attributes specific to the GCP join method when the joining entity is on a +// GCE instance. +type JoinAttrsGCPGCE struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The name of the GCE instance that the joining entity is running on. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // The zone of the GCE instance that the joining entity is running on. + Zone string `protobuf:"bytes,2,opt,name=zone,proto3" json:"zone,omitempty"` + // The ID of the GCE instance that the joining entity is running on. + Id string `protobuf:"bytes,3,opt,name=id,proto3" json:"id,omitempty"` + // The project ID of the GCP project that the instance is running within. + Project string `protobuf:"bytes,4,opt,name=project,proto3" json:"project,omitempty"` +} + +func (x *JoinAttrsGCPGCE) Reset() { + *x = JoinAttrsGCPGCE{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsGCPGCE) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsGCPGCE) ProtoMessage() {} + +func (x *JoinAttrsGCPGCE) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[11] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsGCPGCE.ProtoReflect.Descriptor instead. +func (*JoinAttrsGCPGCE) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{11} +} + +func (x *JoinAttrsGCPGCE) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *JoinAttrsGCPGCE) GetZone() string { + if x != nil { + return x.Zone + } + return "" +} + +func (x *JoinAttrsGCPGCE) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *JoinAttrsGCPGCE) GetProject() string { + if x != nil { + return x.Project + } + return "" +} + +// Attributes that are specific to the GCP (`gcp`) join method. +// These are mapped from the claims of the JWT instance identity token, which +// is documented at: https://cloud.google.com/compute/docs/instances/verifying-instance-identity#payload +type JoinAttrsGCP struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The service account email of the service account that the instance is running as. + ServiceAccount string `protobuf:"bytes,1,opt,name=service_account,json=serviceAccount,proto3" json:"service_account,omitempty"` + // Attributes specific to the GCP join method when the joining entity is on a + // GCE instance. This may not be present if the joining entity is not on + // GCE. + Gce *JoinAttrsGCPGCE `protobuf:"bytes,2,opt,name=gce,proto3" json:"gce,omitempty"` +} + +func (x *JoinAttrsGCP) Reset() { + *x = JoinAttrsGCP{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsGCP) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsGCP) ProtoMessage() {} + +func (x *JoinAttrsGCP) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[12] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsGCP.ProtoReflect.Descriptor instead. +func (*JoinAttrsGCP) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{12} +} + +func (x *JoinAttrsGCP) GetServiceAccount() string { + if x != nil { + return x.ServiceAccount + } + return "" +} + +func (x *JoinAttrsGCP) GetGce() *JoinAttrsGCPGCE { + if x != nil { + return x.Gce + } + return nil +} + +// Attributes that are specific to the Kubernetes (`kubernetes`) join method +// when a pod-bound service account token is used. +type JoinAttrsKubernetesPod struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The name of the service account that the joining entity is running as. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` +} + +func (x *JoinAttrsKubernetesPod) Reset() { + *x = JoinAttrsKubernetesPod{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsKubernetesPod) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsKubernetesPod) ProtoMessage() {} + +func (x *JoinAttrsKubernetesPod) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[13] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsKubernetesPod.ProtoReflect.Descriptor instead. +func (*JoinAttrsKubernetesPod) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{13} +} + +func (x *JoinAttrsKubernetesPod) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +// Attributes that are specific to the Kubernetes (`kubernetes`) join method +// when a service account token is used. +type JoinAttrsKubernetesServiceAccount struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The name of the service account that the joining entity is running as. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // The namespace of the service account that the joining entity is running as. + Namespace string `protobuf:"bytes,2,opt,name=namespace,proto3" json:"namespace,omitempty"` +} + +func (x *JoinAttrsKubernetesServiceAccount) Reset() { + *x = JoinAttrsKubernetesServiceAccount{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsKubernetesServiceAccount) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsKubernetesServiceAccount) ProtoMessage() {} + +func (x *JoinAttrsKubernetesServiceAccount) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[14] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsKubernetesServiceAccount.ProtoReflect.Descriptor instead. +func (*JoinAttrsKubernetesServiceAccount) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{14} +} + +func (x *JoinAttrsKubernetesServiceAccount) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *JoinAttrsKubernetesServiceAccount) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +// Attributes that are specific to the Kubernetes (`kubernetes`) join method. +type JoinAttrsKubernetes struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The fully qualified identifier of the entity based on the Kubernetes + // token. For a service account, this takes the form of + // `system:serviceaccount::`. + Subject string `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"` + // Attributes specific to the Kubernetes join method when the joining entity + // is a service account token. This will only be present if the joining entity + // is a service account (as opposed to a human user or similar). + ServiceAccount *JoinAttrsKubernetesServiceAccount `protobuf:"bytes,2,opt,name=service_account,json=serviceAccount,proto3" json:"service_account,omitempty"` + // Attributes specific to the Kubernetes join method when the joining entity + // is a pod-bound service account token. This will only be present if the + // joining entity is a service account, and, the token has been bound to a + // pod. + Pod *JoinAttrsKubernetesPod `protobuf:"bytes,3,opt,name=pod,proto3" json:"pod,omitempty"` +} + +func (x *JoinAttrsKubernetes) Reset() { + *x = JoinAttrsKubernetes{} + if protoimpl.UnsafeEnabled { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JoinAttrsKubernetes) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JoinAttrsKubernetes) ProtoMessage() {} + +func (x *JoinAttrsKubernetes) ProtoReflect() protoreflect.Message { + mi := &file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[15] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JoinAttrsKubernetes.ProtoReflect.Descriptor instead. +func (*JoinAttrsKubernetes) Descriptor() ([]byte, []int) { + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP(), []int{15} +} + +func (x *JoinAttrsKubernetes) GetSubject() string { + if x != nil { + return x.Subject + } + return "" +} + +func (x *JoinAttrsKubernetes) GetServiceAccount() *JoinAttrsKubernetesServiceAccount { + if x != nil { + return x.ServiceAccount + } + return nil +} + +func (x *JoinAttrsKubernetes) GetPod() *JoinAttrsKubernetesPod { + if x != nil { + return x.Pod + } + return nil +} + +var File_teleport_workloadidentity_v1_join_attrs_proto protoreflect.FileDescriptor + +var file_teleport_workloadidentity_v1_join_attrs_proto_rawDesc = []byte{ + 0x0a, 0x2d, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x77, 0x6f, 0x72, 0x6b, 0x6c, + 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, 0x76, 0x31, 0x2f, 0x6a, + 0x6f, 0x69, 0x6e, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, + 0x1c, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, + 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x22, 0xfb, 0x06, + 0x0a, 0x09, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x12, 0x3f, 0x0a, 0x04, 0x6d, + 0x65, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x74, 0x65, 0x6c, 0x65, + 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, + 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, + 0x72, 0x73, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x04, 0x6d, 0x65, 0x74, 0x61, 0x12, 0x45, 0x0a, 0x06, + 0x67, 0x69, 0x74, 0x6c, 0x61, 0x62, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x74, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, + 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, + 0x41, 0x74, 0x74, 0x72, 0x73, 0x47, 0x69, 0x74, 0x4c, 0x61, 0x62, 0x52, 0x06, 0x67, 0x69, 0x74, + 0x6c, 0x61, 0x62, 0x12, 0x45, 0x0a, 0x06, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, + 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, + 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x47, 0x69, 0x74, 0x48, + 0x75, 0x62, 0x52, 0x06, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x12, 0x3f, 0x0a, 0x03, 0x69, 0x61, + 0x6d, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, + 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, + 0x41, 0x57, 0x53, 0x49, 0x41, 0x4d, 0x52, 0x03, 0x69, 0x61, 0x6d, 0x12, 0x3c, 0x0a, 0x03, 0x74, + 0x70, 0x6d, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, + 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, + 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, + 0x73, 0x54, 0x50, 0x4d, 0x52, 0x03, 0x74, 0x70, 0x6d, 0x12, 0x42, 0x0a, 0x05, 0x61, 0x7a, 0x75, + 0x72, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, + 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, + 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, + 0x73, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x52, 0x05, 0x61, 0x7a, 0x75, 0x72, 0x65, 0x12, 0x4b, 0x0a, + 0x08, 0x63, 0x69, 0x72, 0x63, 0x6c, 0x65, 0x63, 0x69, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x2f, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, + 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, + 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x43, 0x69, 0x72, 0x63, 0x6c, 0x65, 0x43, 0x49, + 0x52, 0x08, 0x63, 0x69, 0x72, 0x63, 0x6c, 0x65, 0x63, 0x69, 0x12, 0x4e, 0x0a, 0x09, 0x62, 0x69, + 0x74, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, + 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, + 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, + 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x42, 0x69, 0x74, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x52, + 0x09, 0x62, 0x69, 0x74, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x5e, 0x0a, 0x0f, 0x74, 0x65, + 0x72, 0x72, 0x61, 0x66, 0x6f, 0x72, 0x6d, 0x5f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x18, 0x09, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, + 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, + 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x54, 0x65, 0x72, 0x72, + 0x61, 0x66, 0x6f, 0x72, 0x6d, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x52, 0x0e, 0x74, 0x65, 0x72, 0x72, + 0x61, 0x66, 0x6f, 0x72, 0x6d, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x12, 0x4e, 0x0a, 0x09, 0x73, 0x70, + 0x61, 0x63, 0x65, 0x6c, 0x69, 0x66, 0x74, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x30, 0x2e, + 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, + 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, + 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x53, 0x70, 0x61, 0x63, 0x65, 0x6c, 0x69, 0x66, 0x74, 0x52, + 0x09, 0x73, 0x70, 0x61, 0x63, 0x65, 0x6c, 0x69, 0x66, 0x74, 0x12, 0x3c, 0x0a, 0x03, 0x67, 0x63, + 0x70, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, + 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, + 0x47, 0x43, 0x50, 0x52, 0x03, 0x67, 0x63, 0x70, 0x12, 0x51, 0x0a, 0x0a, 0x6b, 0x75, 0x62, 0x65, + 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x74, + 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, + 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, + 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x52, + 0x0a, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x22, 0x58, 0x0a, 0x0d, 0x4a, + 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4d, 0x65, 0x74, 0x61, 0x12, 0x26, 0x0a, 0x0f, + 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6a, 0x6f, 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, + 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6a, 0x6f, 0x69, 0x6e, 0x5f, 0x6d, 0x65, 0x74, + 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6a, 0x6f, 0x69, 0x6e, 0x4d, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x22, 0xcb, 0x04, 0x0a, 0x0f, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, + 0x74, 0x72, 0x73, 0x47, 0x69, 0x74, 0x4c, 0x61, 0x62, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x75, 0x62, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x73, 0x75, 0x62, 0x12, 0x10, 0x0a, 0x03, 0x72, + 0x65, 0x66, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x72, 0x65, 0x66, 0x12, 0x19, 0x0a, + 0x08, 0x72, 0x65, 0x66, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x07, 0x72, 0x65, 0x66, 0x54, 0x79, 0x70, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x5f, + 0x70, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, + 0x0c, 0x72, 0x65, 0x66, 0x50, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x12, 0x25, 0x0a, + 0x0e, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, + 0x50, 0x61, 0x74, 0x68, 0x12, 0x21, 0x0a, 0x0c, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x5f, + 0x70, 0x61, 0x74, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x72, 0x6f, 0x6a, + 0x65, 0x63, 0x74, 0x50, 0x61, 0x74, 0x68, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x5f, + 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x75, 0x73, 0x65, + 0x72, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x65, + 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x75, 0x73, 0x65, 0x72, + 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x69, 0x70, 0x65, 0x6c, 0x69, 0x6e, + 0x65, 0x5f, 0x69, 0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x69, 0x70, 0x65, + 0x6c, 0x69, 0x6e, 0x65, 0x49, 0x64, 0x12, 0x27, 0x0a, 0x0f, 0x70, 0x69, 0x70, 0x65, 0x6c, 0x69, + 0x6e, 0x65, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0e, 0x70, 0x69, 0x70, 0x65, 0x6c, 0x69, 0x6e, 0x65, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, + 0x20, 0x0a, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x0b, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, + 0x74, 0x12, 0x33, 0x0a, 0x15, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, + 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x14, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x50, 0x72, 0x6f, + 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x72, 0x75, 0x6e, 0x6e, 0x65, 0x72, + 0x5f, 0x69, 0x64, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x03, 0x52, 0x08, 0x72, 0x75, 0x6e, 0x6e, 0x65, + 0x72, 0x49, 0x64, 0x12, 0x2d, 0x0a, 0x12, 0x72, 0x75, 0x6e, 0x6e, 0x65, 0x72, 0x5f, 0x65, 0x6e, + 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x11, 0x72, 0x75, 0x6e, 0x6e, 0x65, 0x72, 0x45, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, + 0x6e, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x68, 0x61, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x03, 0x73, 0x68, 0x61, 0x12, 0x29, 0x0a, 0x11, 0x63, 0x69, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x5f, 0x72, 0x65, 0x66, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x10, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0e, 0x63, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x66, 0x55, 0x72, 0x69, 0x12, + 0x22, 0x0a, 0x0d, 0x63, 0x69, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x68, 0x61, + 0x18, 0x11, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x69, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x53, 0x68, 0x61, 0x22, 0xb7, 0x02, 0x0a, 0x0f, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, + 0x73, 0x47, 0x69, 0x74, 0x48, 0x75, 0x62, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x75, 0x62, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x73, 0x75, 0x62, 0x12, 0x14, 0x0a, 0x05, 0x61, 0x63, 0x74, + 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x12, + 0x20, 0x0a, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, + 0x74, 0x12, 0x10, 0x0a, 0x03, 0x72, 0x65, 0x66, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, + 0x72, 0x65, 0x66, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x65, 0x66, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x65, 0x66, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1e, + 0x0a, 0x0a, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f, 0x72, 0x79, 0x18, 0x06, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x0a, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f, 0x72, 0x79, 0x12, 0x29, + 0x0a, 0x10, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f, 0x72, 0x79, 0x5f, 0x6f, 0x77, 0x6e, + 0x65, 0x72, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, + 0x74, 0x6f, 0x72, 0x79, 0x4f, 0x77, 0x6e, 0x65, 0x72, 0x12, 0x1a, 0x0a, 0x08, 0x77, 0x6f, 0x72, + 0x6b, 0x66, 0x6c, 0x6f, 0x77, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x77, 0x6f, 0x72, + 0x6b, 0x66, 0x6c, 0x6f, 0x77, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, + 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x68, 0x61, 0x18, 0x0a, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x03, 0x73, 0x68, 0x61, 0x12, 0x15, 0x0a, 0x06, 0x72, 0x75, 0x6e, 0x5f, 0x69, 0x64, + 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x72, 0x75, 0x6e, 0x49, 0x64, 0x22, 0x3d, 0x0a, + 0x0f, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x41, 0x57, 0x53, 0x49, 0x41, 0x4d, + 0x12, 0x18, 0x0a, 0x07, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x07, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x61, 0x72, + 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x61, 0x72, 0x6e, 0x22, 0x7e, 0x0a, 0x0c, + 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x54, 0x50, 0x4d, 0x12, 0x1e, 0x0a, 0x0b, + 0x65, 0x6b, 0x5f, 0x70, 0x75, 0x62, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x09, 0x65, 0x6b, 0x50, 0x75, 0x62, 0x48, 0x61, 0x73, 0x68, 0x12, 0x24, 0x0a, 0x0e, + 0x65, 0x6b, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x65, 0x6b, 0x43, 0x65, 0x72, 0x74, 0x53, 0x65, 0x72, 0x69, + 0x61, 0x6c, 0x12, 0x28, 0x0a, 0x10, 0x65, 0x6b, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x76, 0x65, + 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x65, 0x6b, + 0x43, 0x65, 0x72, 0x74, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x22, 0x5b, 0x0a, 0x0e, + 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x41, 0x7a, 0x75, 0x72, 0x65, 0x12, 0x22, + 0x0a, 0x0c, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x73, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, + 0x6f, 0x6e, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x67, + 0x72, 0x6f, 0x75, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x6f, + 0x75, 0x72, 0x63, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x22, 0x65, 0x0a, 0x11, 0x4a, 0x6f, 0x69, + 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x43, 0x69, 0x72, 0x63, 0x6c, 0x65, 0x43, 0x49, 0x12, 0x10, + 0x0a, 0x03, 0x73, 0x75, 0x62, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x73, 0x75, 0x62, + 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x5f, 0x69, 0x64, 0x73, 0x18, + 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x49, 0x64, + 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x69, 0x64, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x49, 0x64, + 0x22, 0x99, 0x02, 0x0a, 0x12, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x42, 0x69, + 0x74, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x75, 0x62, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x73, 0x75, 0x62, 0x12, 0x1b, 0x0a, 0x09, 0x73, 0x74, 0x65, + 0x70, 0x5f, 0x75, 0x75, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, 0x74, + 0x65, 0x70, 0x55, 0x75, 0x69, 0x64, 0x12, 0x27, 0x0a, 0x0f, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, + 0x74, 0x6f, 0x72, 0x79, 0x5f, 0x75, 0x75, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0e, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f, 0x72, 0x79, 0x55, 0x75, 0x69, 0x64, 0x12, + 0x23, 0x0a, 0x0d, 0x70, 0x69, 0x70, 0x65, 0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x75, 0x75, 0x69, 0x64, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x70, 0x69, 0x70, 0x65, 0x6c, 0x69, 0x6e, 0x65, + 0x55, 0x75, 0x69, 0x64, 0x12, 0x25, 0x0a, 0x0e, 0x77, 0x6f, 0x72, 0x6b, 0x73, 0x70, 0x61, 0x63, + 0x65, 0x5f, 0x75, 0x75, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x77, 0x6f, + 0x72, 0x6b, 0x73, 0x70, 0x61, 0x63, 0x65, 0x55, 0x75, 0x69, 0x64, 0x12, 0x3e, 0x0a, 0x1b, 0x64, + 0x65, 0x70, 0x6c, 0x6f, 0x79, 0x6d, 0x65, 0x6e, 0x74, 0x5f, 0x65, 0x6e, 0x76, 0x69, 0x72, 0x6f, + 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x5f, 0x75, 0x75, 0x69, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x19, 0x64, 0x65, 0x70, 0x6c, 0x6f, 0x79, 0x6d, 0x65, 0x6e, 0x74, 0x45, 0x6e, 0x76, 0x69, + 0x72, 0x6f, 0x6e, 0x6d, 0x65, 0x6e, 0x74, 0x55, 0x75, 0x69, 0x64, 0x12, 0x1f, 0x0a, 0x0b, 0x62, + 0x72, 0x61, 0x6e, 0x63, 0x68, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0a, 0x62, 0x72, 0x61, 0x6e, 0x63, 0x68, 0x4e, 0x61, 0x6d, 0x65, 0x22, 0xfd, 0x01, 0x0a, + 0x17, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x54, 0x65, 0x72, 0x72, 0x61, 0x66, + 0x6f, 0x72, 0x6d, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x75, 0x62, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x73, 0x75, 0x62, 0x12, 0x2b, 0x0a, 0x11, 0x6f, 0x72, + 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x70, 0x72, 0x6f, 0x6a, 0x65, + 0x63, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, + 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x77, 0x6f, + 0x72, 0x6b, 0x73, 0x70, 0x61, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x0d, 0x77, 0x6f, 0x72, 0x6b, 0x73, 0x70, 0x61, 0x63, 0x65, 0x4e, 0x61, 0x6d, + 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x66, 0x75, 0x6c, 0x6c, 0x5f, 0x77, 0x6f, 0x72, 0x6b, 0x73, 0x70, + 0x61, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x66, 0x75, 0x6c, 0x6c, 0x57, + 0x6f, 0x72, 0x6b, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x15, 0x0a, 0x06, 0x72, 0x75, 0x6e, 0x5f, + 0x69, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x72, 0x75, 0x6e, 0x49, 0x64, 0x12, + 0x1b, 0x0a, 0x09, 0x72, 0x75, 0x6e, 0x5f, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x07, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x72, 0x75, 0x6e, 0x50, 0x68, 0x61, 0x73, 0x65, 0x22, 0xc7, 0x01, 0x0a, + 0x12, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x53, 0x70, 0x61, 0x63, 0x65, 0x6c, + 0x69, 0x66, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x73, 0x75, 0x62, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x03, 0x73, 0x75, 0x62, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x70, 0x61, 0x63, 0x65, 0x5f, 0x69, + 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x70, 0x61, 0x63, 0x65, 0x49, 0x64, + 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x61, 0x6c, 0x6c, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x63, 0x61, 0x6c, 0x6c, 0x65, 0x72, 0x54, 0x79, 0x70, + 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x63, 0x61, 0x6c, 0x6c, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x63, 0x61, 0x6c, 0x6c, 0x65, 0x72, 0x49, 0x64, 0x12, 0x19, + 0x0a, 0x08, 0x72, 0x75, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x07, 0x72, 0x75, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x15, 0x0a, 0x06, 0x72, 0x75, 0x6e, + 0x5f, 0x69, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x72, 0x75, 0x6e, 0x49, 0x64, + 0x12, 0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x22, 0x63, 0x0a, 0x0f, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, + 0x74, 0x72, 0x73, 0x47, 0x43, 0x50, 0x47, 0x43, 0x45, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, + 0x04, 0x7a, 0x6f, 0x6e, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x7a, 0x6f, 0x6e, + 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, + 0x64, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x22, 0x78, 0x0a, 0x0c, 0x4a, + 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x47, 0x43, 0x50, 0x12, 0x27, 0x0a, 0x0f, 0x73, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, + 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x3f, 0x0a, 0x03, 0x67, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x2d, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, 0x6f, 0x72, + 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x47, 0x43, 0x50, 0x47, 0x43, 0x45, + 0x52, 0x03, 0x67, 0x63, 0x65, 0x22, 0x2c, 0x0a, 0x16, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, + 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x50, 0x6f, 0x64, 0x12, + 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, + 0x61, 0x6d, 0x65, 0x22, 0x55, 0x0a, 0x21, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, + 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, + 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, + 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x22, 0xe1, 0x01, 0x0a, 0x13, 0x4a, + 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, + 0x65, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x68, 0x0a, 0x0f, + 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3f, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, + 0x2e, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, + 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, + 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, + 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x0e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, + 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x46, 0x0a, 0x03, 0x70, 0x6f, 0x64, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x77, + 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, + 0x76, 0x31, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x73, 0x4b, 0x75, 0x62, 0x65, + 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x50, 0x6f, 0x64, 0x52, 0x03, 0x70, 0x6f, 0x64, 0x42, 0x64, + 0x5a, 0x62, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, 0x61, + 0x76, 0x69, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, + 0x6f, 0x72, 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x77, 0x6f, + 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, 0x76, + 0x31, 0x3b, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, + 0x74, 0x79, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_teleport_workloadidentity_v1_join_attrs_proto_rawDescOnce sync.Once + file_teleport_workloadidentity_v1_join_attrs_proto_rawDescData = file_teleport_workloadidentity_v1_join_attrs_proto_rawDesc +) + +func file_teleport_workloadidentity_v1_join_attrs_proto_rawDescGZIP() []byte { + file_teleport_workloadidentity_v1_join_attrs_proto_rawDescOnce.Do(func() { + file_teleport_workloadidentity_v1_join_attrs_proto_rawDescData = protoimpl.X.CompressGZIP(file_teleport_workloadidentity_v1_join_attrs_proto_rawDescData) + }) + return file_teleport_workloadidentity_v1_join_attrs_proto_rawDescData +} + +var file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes = make([]protoimpl.MessageInfo, 16) +var file_teleport_workloadidentity_v1_join_attrs_proto_goTypes = []any{ + (*JoinAttrs)(nil), // 0: teleport.workloadidentity.v1.JoinAttrs + (*JoinAttrsMeta)(nil), // 1: teleport.workloadidentity.v1.JoinAttrsMeta + (*JoinAttrsGitLab)(nil), // 2: teleport.workloadidentity.v1.JoinAttrsGitLab + (*JoinAttrsGitHub)(nil), // 3: teleport.workloadidentity.v1.JoinAttrsGitHub + (*JoinAttrsAWSIAM)(nil), // 4: teleport.workloadidentity.v1.JoinAttrsAWSIAM + (*JoinAttrsTPM)(nil), // 5: teleport.workloadidentity.v1.JoinAttrsTPM + (*JoinAttrsAzure)(nil), // 6: teleport.workloadidentity.v1.JoinAttrsAzure + (*JoinAttrsCircleCI)(nil), // 7: teleport.workloadidentity.v1.JoinAttrsCircleCI + (*JoinAttrsBitbucket)(nil), // 8: teleport.workloadidentity.v1.JoinAttrsBitbucket + (*JoinAttrsTerraformCloud)(nil), // 9: teleport.workloadidentity.v1.JoinAttrsTerraformCloud + (*JoinAttrsSpacelift)(nil), // 10: teleport.workloadidentity.v1.JoinAttrsSpacelift + (*JoinAttrsGCPGCE)(nil), // 11: teleport.workloadidentity.v1.JoinAttrsGCPGCE + (*JoinAttrsGCP)(nil), // 12: teleport.workloadidentity.v1.JoinAttrsGCP + (*JoinAttrsKubernetesPod)(nil), // 13: teleport.workloadidentity.v1.JoinAttrsKubernetesPod + (*JoinAttrsKubernetesServiceAccount)(nil), // 14: teleport.workloadidentity.v1.JoinAttrsKubernetesServiceAccount + (*JoinAttrsKubernetes)(nil), // 15: teleport.workloadidentity.v1.JoinAttrsKubernetes +} +var file_teleport_workloadidentity_v1_join_attrs_proto_depIdxs = []int32{ + 1, // 0: teleport.workloadidentity.v1.JoinAttrs.meta:type_name -> teleport.workloadidentity.v1.JoinAttrsMeta + 2, // 1: teleport.workloadidentity.v1.JoinAttrs.gitlab:type_name -> teleport.workloadidentity.v1.JoinAttrsGitLab + 3, // 2: teleport.workloadidentity.v1.JoinAttrs.github:type_name -> teleport.workloadidentity.v1.JoinAttrsGitHub + 4, // 3: teleport.workloadidentity.v1.JoinAttrs.iam:type_name -> teleport.workloadidentity.v1.JoinAttrsAWSIAM + 5, // 4: teleport.workloadidentity.v1.JoinAttrs.tpm:type_name -> teleport.workloadidentity.v1.JoinAttrsTPM + 6, // 5: teleport.workloadidentity.v1.JoinAttrs.azure:type_name -> teleport.workloadidentity.v1.JoinAttrsAzure + 7, // 6: teleport.workloadidentity.v1.JoinAttrs.circleci:type_name -> teleport.workloadidentity.v1.JoinAttrsCircleCI + 8, // 7: teleport.workloadidentity.v1.JoinAttrs.bitbucket:type_name -> teleport.workloadidentity.v1.JoinAttrsBitbucket + 9, // 8: teleport.workloadidentity.v1.JoinAttrs.terraform_cloud:type_name -> teleport.workloadidentity.v1.JoinAttrsTerraformCloud + 10, // 9: teleport.workloadidentity.v1.JoinAttrs.spacelift:type_name -> teleport.workloadidentity.v1.JoinAttrsSpacelift + 12, // 10: teleport.workloadidentity.v1.JoinAttrs.gcp:type_name -> teleport.workloadidentity.v1.JoinAttrsGCP + 15, // 11: teleport.workloadidentity.v1.JoinAttrs.kubernetes:type_name -> teleport.workloadidentity.v1.JoinAttrsKubernetes + 11, // 12: teleport.workloadidentity.v1.JoinAttrsGCP.gce:type_name -> teleport.workloadidentity.v1.JoinAttrsGCPGCE + 14, // 13: teleport.workloadidentity.v1.JoinAttrsKubernetes.service_account:type_name -> teleport.workloadidentity.v1.JoinAttrsKubernetesServiceAccount + 13, // 14: teleport.workloadidentity.v1.JoinAttrsKubernetes.pod:type_name -> teleport.workloadidentity.v1.JoinAttrsKubernetesPod + 15, // [15:15] is the sub-list for method output_type + 15, // [15:15] is the sub-list for method input_type + 15, // [15:15] is the sub-list for extension type_name + 15, // [15:15] is the sub-list for extension extendee + 0, // [0:15] is the sub-list for field type_name +} + +func init() { file_teleport_workloadidentity_v1_join_attrs_proto_init() } +func file_teleport_workloadidentity_v1_join_attrs_proto_init() { + if File_teleport_workloadidentity_v1_join_attrs_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[0].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrs); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[1].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsMeta); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[2].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsGitLab); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[3].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsGitHub); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[4].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsAWSIAM); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[5].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsTPM); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[6].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsAzure); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[7].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsCircleCI); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[8].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsBitbucket); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[9].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsTerraformCloud); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[10].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsSpacelift); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[11].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsGCPGCE); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[12].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsGCP); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[13].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsKubernetesPod); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[14].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsKubernetesServiceAccount); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes[15].Exporter = func(v any, i int) any { + switch v := v.(*JoinAttrsKubernetes); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_teleport_workloadidentity_v1_join_attrs_proto_rawDesc, + NumEnums: 0, + NumMessages: 16, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_teleport_workloadidentity_v1_join_attrs_proto_goTypes, + DependencyIndexes: file_teleport_workloadidentity_v1_join_attrs_proto_depIdxs, + MessageInfos: file_teleport_workloadidentity_v1_join_attrs_proto_msgTypes, + }.Build() + File_teleport_workloadidentity_v1_join_attrs_proto = out.File + file_teleport_workloadidentity_v1_join_attrs_proto_rawDesc = nil + file_teleport_workloadidentity_v1_join_attrs_proto_goTypes = nil + file_teleport_workloadidentity_v1_join_attrs_proto_depIdxs = nil +} diff --git a/api/proto/teleport/machineid/v1/bot_instance.proto b/api/proto/teleport/machineid/v1/bot_instance.proto index 6ff4719ed15f8..5904e8896a6bd 100644 --- a/api/proto/teleport/machineid/v1/bot_instance.proto +++ b/api/proto/teleport/machineid/v1/bot_instance.proto @@ -20,6 +20,7 @@ import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; import "teleport/header/v1/metadata.proto"; +import "teleport/workloadidentity/v1/join_attrs.proto"; option go_package = "github.com/gravitational/teleport/api/gen/proto/go/teleport/machineid/v1;machineidv1"; @@ -108,6 +109,11 @@ message BotInstanceStatusAuthentication { reserved 7; reserved "fingerprint"; + + // The attributes generated during the join process. Typically, this is + // information from the join attestation process itself. This field will + // eventually replace the `metadata` field, which is structureless. + teleport.workloadidentity.v1.JoinAttrs join_attrs = 8; } // BotInstanceStatus holds the status of a BotInstance. diff --git a/api/proto/teleport/workloadidentity/v1/attrs.proto b/api/proto/teleport/workloadidentity/v1/attrs.proto index 3bcdd27ed2517..1a3b0099bac88 100644 --- a/api/proto/teleport/workloadidentity/v1/attrs.proto +++ b/api/proto/teleport/workloadidentity/v1/attrs.proto @@ -16,6 +16,8 @@ syntax = "proto3"; package teleport.workloadidentity.v1; +import "teleport/workloadidentity/v1/join_attrs.proto"; + option go_package = "github.com/gravitational/teleport/api/gen/proto/go/teleport/workloadidentity/v1;workloadidentityv1"; // Attributes sourced from the Kubernetes workload attestor. @@ -80,4 +82,7 @@ message Attrs { // Attributes sourced from the user/bot making the request for a workload // identity credential. UserAttrs user = 2; + // Attributes sourced from the join process that the Bot underwent. This will + // be unset if the principal making the request is not a Bot. + JoinAttrs join = 3; } diff --git a/api/proto/teleport/workloadidentity/v1/join_attrs.proto b/api/proto/teleport/workloadidentity/v1/join_attrs.proto new file mode 100644 index 0000000000000..369bb46dd0336 --- /dev/null +++ b/api/proto/teleport/workloadidentity/v1/join_attrs.proto @@ -0,0 +1,312 @@ +// Copyright 2025 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package teleport.workloadidentity.v1; + +option go_package = "github.com/gravitational/teleport/api/gen/proto/go/teleport/workloadidentity/v1;workloadidentityv1"; + +// The collection of attributes that result from the join process. +message JoinAttrs { + // The collection of attributes that result from the join process but are not + // specific to any particular join method. + JoinAttrsMeta meta = 1; + // Attributes that are specific to the GitLab (`gitlab`) join method. + JoinAttrsGitLab gitlab = 2; + // Attributes that are specific to the GitHub (`github`) join method. + JoinAttrsGitHub github = 3; + // Attributes that are specific to the AWS IAM (`iam`) join method. + JoinAttrsAWSIAM iam = 4; + // Attributes that are specific to the TPM (`tpm`) join method. + JoinAttrsTPM tpm = 5; + // Attributes that are specific to the Azure (`azure`) join method. + JoinAttrsAzure azure = 6; + // Attributes that are specific to the CircleCI (`circleci`) join method. + JoinAttrsCircleCI circleci = 7; + // Attributes that are specific to the Bitbucket (`bitbucket`) join method. + JoinAttrsBitbucket bitbucket = 8; + // Attributes that are specific to the Terraform Cloud (`terraform_cloud`) join method. + JoinAttrsTerraformCloud terraform_cloud = 9; + // Attributes that are specific to the Spacelift (`spacelift`) join method. + JoinAttrsSpacelift spacelift = 10; + // Attributes that are specific to the GCP (`gcp`) join method. + JoinAttrsGCP gcp = 11; + // Attributes that are specific to the Kubernetes (`kubernetes`) join method. + JoinAttrsKubernetes kubernetes = 12; +} + +// The collection of attributes that result from the join process but are not +// specific to any particular join method. +message JoinAttrsMeta { + // The name of the join token that was used to join. + // + // This field is omitted if the join token that was used to join was of the + // `token` method as in this case, the name of the join token is sensitive. + // + // Example: `my-gitlab-join-token` + string join_token_name = 1; + // The name of the join method that was used to join. + // + // Example: `gitlab` + string join_method = 2; +} + +// Attributes that are specific to the GitLab join method. +// +// Typically, these are mapped directly from the claims of the GitLab JWT that +// was used to join. You can view the documentation for those claims at: +// https://docs.gitlab.com/ee/ci/secrets/id_token_authentication.html#token-payload +message JoinAttrsGitLab { + // The `sub` claim of the GitLab JWT that was used to join. + // For example: `project_path:mygroup/my-project:ref_type:branch:ref:main` + string sub = 1; + // The ref that the pipeline is running against. + // For example: `main` + string ref = 2; + // The type of ref that the pipeline is running against. + // This is typically `branch` or `tag`. + string ref_type = 3; + // Whether or not the ref that the pipeline is running against is protected. + bool ref_protected = 4; + // The path of the namespace of the project that the pipeline is running within. + // For example: `mygroup` + string namespace_path = 5; + // The full qualified path of the project that the pipeline is running within. + // This includes the namespace path. + // For example: `mygroup/my-project` + string project_path = 6; + // The name of the user that triggered the pipeline run. + string user_login = 7; + // The email of the user that triggered the pipeline run. + string user_email = 8; + // The ID of the pipeline. + string pipeline_id = 9; + // The source of the pipeline. + // For example: `push` or `web` + string pipeline_source = 10; + // The environment the pipeline is running against, if any. + string environment = 11; + // Whether or not the pipeline is running against a protected environment. + // If there is no configured environment, this field is false. + bool environment_protected = 12; + // The ID of the runner that this pipeline is running on. + int64 runner_id = 13; + // The type of runner that is processing the pipeline. + // Either `gitlab-hosted` or `self-hosted`. + string runner_environment = 14; + // The SHA of the commit that triggered the pipeline run. + string sha = 15; + // The ref URI of the CI config configuring the pipeline. + string ci_config_ref_uri = 16; + // The Git SHA of the CI config ref configuring the pipeline. + string ci_config_sha = 17; +} + +// Attributes that are specific to the GitHub (`github`) join method. +// +// Typically, these are mapped directly from the claims of the GitHub JWT that +// was used to join. You can view the documentation for those claims at: +// https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token +message JoinAttrsGitHub { + // The `sub` claim of the GitHub JWT that was used to join. + string sub = 1; + // The username of the actor that initiated the workflow run. + string actor = 2; + // The name of the environment that the workflow is running against, if any. + string environment = 3; + // The ref that the workflow is running against. + string ref = 4; + // The type of ref that the workflow is running against. + // For example, `branch`. + string ref_type = 5; + // The name of the repository that the workflow is running within. + string repository = 6; + // The name of the owner of the repository that the workflow is running within. + string repository_owner = 7; + // The name of the workflow that is running. + string workflow = 8; + // The name of the event that triggered the workflow run. + string event_name = 9; + // The SHA of the commit that triggered the workflow run. + string sha = 10; + // The ID of this GitHub actions workflow run. + string run_id = 11; +} + +// Attributes that are specific to the AWS IAM (`iam`) join method. +// +// Typically, these are mapped directly from the results of the +// STS GetCallerIdentity call that is made as part of the join process. +message JoinAttrsAWSIAM { + // The identifier of the account that the joining entity is a part of. + // For example: `123456789012` + string account = 1; + // The AWS ARN of the joining entity. + // For example: `arn:aws:sts::123456789012:assumed-role/my-role-name/my-role-session-name` + string arn = 2; +} + +// Attributes that are specific to the TPM (`tpm`) join method. +message JoinAttrsTPM { + // The SHA256 hash of the PKIX formatted EK public key, encoded in hex. + // This effectively identifies a specific TPM. + string ek_pub_hash = 1; + // The serial number of the EK certificate, if present. + string ek_cert_serial = 2; + // Whether or not the EK certificate was verified against a certificate + // authority. + bool ek_cert_verified = 3; +} + +// Attributes that are specific to the Azure (`azure`) join method. +message JoinAttrsAzure { + // The subscription ID of the Azure account that the joining entity is a part of. + string subscription = 1; + // The resource group of the Azure account that the joining entity is a part of. + string resource_group = 2; +} + +// Attributes that are specific to the CircleCI (`circleci`) join method. +// These are mapped from the claims of the JWT issued by CircleCI to runs, +// which is documented at: https://circleci.com/docs/openid-connect-tokens/ +message JoinAttrsCircleCI { + // The `sub` claim of the CircleCI JWT that was used to join. + // For example: `org/ORGANIZATION_ID/project/PROJECT_ID/user/USER_ID` + string sub = 1; + // The UUIDs of the contexts used in the job. + repeated string context_ids = 2; + // The UUID of the project in which the job is running. + string project_id = 3; +} + +// Attributes that are specific to the Bitbucket (`bitbucket`) join method. +// These are mapped from the claims of the JWT issued by BitBucket to runs, +// which is documented at: https://support.atlassian.com/bitbucket-cloud/docs/integrate-pipelines-with-resource-servers-using-oidc/ +message JoinAttrsBitbucket { + // The `sub` claim of the Bitbucket JWT that was used to join. + string sub = 1; + // The UUID of the pipeline step. + string step_uuid = 2; + // The UUID of the repository the pipeline step is running within. + string repository_uuid = 3; + // The UUID of the pipeline the step is running within. + string pipeline_uuid = 4; + // The UUID of the workspace the pipeline belongs to. + string workspace_uuid = 5; + // The UUID of the deployment environment the pipeline is running against. + string deployment_environment_uuid = 6; + // The name of the branch the pipeline is running against. + string branch_name = 7; +} + +// Attributes that are specific to the Terraform Cloud (`terraform_cloud`) join method. +// These are mapped from the claims of the JWT issued by Terraform Cloud to runs, +// which is documented at: https://developer.hashicorp.com/terraform/enterprise/workspaces/dynamic-provider-credentials/workload-identity-tokens +message JoinAttrsTerraformCloud { + // The `sub` claim of the Terraform Cloud JWT that was used to join. + string sub = 1; + // The name of the organization the project and workspace belong to. + string organization_name = 2; + // The name of the project the workspace belongs to. + string project_name = 3; + // The name of the workspace that the plan/apply is running within. + string workspace_name = 4; + // The fully qualified workspace path, including the organization and project + // name. + // For example: `organization::project::workspace:` + string full_workspace = 5; + // The ID of the run that is being executed. + string run_id = 6; + // The phase of the run that is being executed, either `plan` or `apply`. + string run_phase = 7; +} + +// Attributes that are specific to the Spacelift (`spacelift`) join method. +// These are mapped from the claims of the JWT issued by Spacelift to runs, +// which is documented at: https://docs.spacelift.io/integrations/cloud-providers/oidc/#standard-claims +message JoinAttrsSpacelift { + // The `sub` claim of the Spacelift JWT that was used to join. + string sub = 1; + // The ID of the space in which the run is executing. + string space_id = 2; + // The type of the caller that owns the run, either `stack` or `module`. + string caller_type = 3; + // The ID of the caller that generated the run. + string caller_id = 4; + // The type of the run, either `PROPOSED`, `TRACKED`, `TASK`, `TESTING` or `DESTROY`. + string run_type = 5; + // The ID of the run. + string run_id = 6; + // The configured scope of the token, either `read` or `write`. + string scope = 7; +} + +// Attributes specific to the GCP join method when the joining entity is on a +// GCE instance. +message JoinAttrsGCPGCE { + // The name of the GCE instance that the joining entity is running on. + string name = 1; + // The zone of the GCE instance that the joining entity is running on. + string zone = 2; + // The ID of the GCE instance that the joining entity is running on. + string id = 3; + // The project ID of the GCP project that the instance is running within. + string project = 4; +} + +// Attributes that are specific to the GCP (`gcp`) join method. +// These are mapped from the claims of the JWT instance identity token, which +// is documented at: https://cloud.google.com/compute/docs/instances/verifying-instance-identity#payload +message JoinAttrsGCP { + // The service account email of the service account that the instance is running as. + string service_account = 1; + // Attributes specific to the GCP join method when the joining entity is on a + // GCE instance. This may not be present if the joining entity is not on + // GCE. + JoinAttrsGCPGCE gce = 2; +} + +// Attributes that are specific to the Kubernetes (`kubernetes`) join method +// when a pod-bound service account token is used. +message JoinAttrsKubernetesPod { + // The name of the service account that the joining entity is running as. + string name = 1; +} + +// Attributes that are specific to the Kubernetes (`kubernetes`) join method +// when a service account token is used. +message JoinAttrsKubernetesServiceAccount { + // The name of the service account that the joining entity is running as. + string name = 1; + // The namespace of the service account that the joining entity is running as. + string namespace = 2; +} + +// Attributes that are specific to the Kubernetes (`kubernetes`) join method. +message JoinAttrsKubernetes { + // The fully qualified identifier of the entity based on the Kubernetes + // token. For a service account, this takes the form of + // `system:serviceaccount::`. + string subject = 1; + // Attributes specific to the Kubernetes join method when the joining entity + // is a service account token. This will only be present if the joining entity + // is a service account (as opposed to a human user or similar). + JoinAttrsKubernetesServiceAccount service_account = 2; + // Attributes specific to the Kubernetes join method when the joining entity + // is a pod-bound service account token. This will only be present if the + // joining entity is a service account, and, the token has been bound to a + // pod. + JoinAttrsKubernetesPod pod = 3; +}