diff --git a/.gitignore b/.gitignore index 24e5b0a..86b3eeb 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ .build +*.swp diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 77f39ec..d1e9eaf 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -4,8 +4,8 @@ This document outlines the contribution guidelines for the SPIRE API SDK. This project follows the contribution and governance guidelines from the SPIFFE project (see -[CONTRIBUTING](https://github.com/spiffe/spiffe/blob/master/CONTRIBUTING.md) -and [GOVERNANCE](https://github.com/spiffe/spiffe/blob/master/GOVERNANCE.md)). +[CONTRIBUTING](https://github.com/spiffe/spiffe/blob/main/CONTRIBUTING.md) +and [GOVERNANCE](https://github.com/spiffe/spiffe/blob/main/GOVERNANCE.md)). ## Prerequisites @@ -29,24 +29,27 @@ $ make If you are adding a new .proto file, you first need to update the `Makefile` and add the .proto file to the relevant variables. -## Consuming Changes in SPIRE +## Opening PRs + +All PRs should target the `next` branch. The `next` branch is a staging area +for all features under development but not ready for release in an official +version of SPIRE. -SPIRE's main branch depends on a pseudo-version of this repository (see -https://golang.org/ref/mod#pseudo-versions). +Changes are cherry-picked into `main` from the `next` branch ahead of an +official SPIRE release. The commits in `main` are tagged with the supporting +SPIRE version. -While a new change in this repository is under development, you can add a -temporary `replace` directive to the SPIRE `go.mod` to allow you to consume the -changes. Care must be taken to not push the `replace` directive change up to -SPIRE. +## Consuming Changes in SPIRE -Once those changes have been merged and you are ready to consume them from -SPIRE, run `go get github.com/spiffe/spire-api-sdk@` in the SPIRE -repository. This will update `go.mod` in SPIRE to use the latest pseudo version -with that commit. +While a new change in this repository is under development, you can use [Go +Workspaces](https://go.dev/ref/mod#workspaces) to allow SPIRE to consume the +changes before they are merged into this repository. -When cutting a SPIRE release, this repository is tagged with the SPIRE -release version. The release branch in SPIRE is be updated to depend explicitly -on that version (i.e. `go get github.com/spiffe/spire-api-sdk@`). +SPIRE's main branch depends on a pseudo-version of this repository based on the +`next` branch (see https://golang.org/ref/mod#pseudo-versions). Once changes +have been merged into the `next` branch, the pseudo-version dependency in the +SPIRE repository can be updated by running `go get +github.com/spiffe/spire-api-sdk@next` from the SPIRE repository. Relying on a pseudo versions means that this repository only needs tags for the offically released versions, while still allowing SPIRE to work with diff --git a/Makefile b/Makefile index 2142e07..080e097 100644 --- a/Makefile +++ b/Makefile @@ -36,6 +36,7 @@ apiprotos := \ proto/spire/api/server/bundle/v1/bundle.proto \ proto/spire/api/server/debug/v1/debug.proto \ proto/spire/api/server/entry/v1/entry.proto \ + proto/spire/api/server/localauthority/v1/localauthority.proto \ proto/spire/api/server/trustdomain/v1/trustdomain.proto \ proto/spire/api/server/svid/v1/svid.proto \ @@ -62,6 +63,8 @@ ifeq ($(arch1),x86_64) arch2=amd64 else ifeq ($(arch1),aarch64) arch2=arm64 +else ifeq ($(arch1),arm64) +arch2=arm64 else $(error unsupported ARCH: $(arch1)) endif @@ -102,8 +105,8 @@ endif # protoc ############################################################################# -protoc_version = 3.14.0 -ifeq ($(arch1),aarch64) +protoc_version = 3.20.1 +ifeq ($(arch2),arm64) protoc_url = https://github.com/protocolbuffers/protobuf/releases/download/v$(protoc_version)/protoc-$(protoc_version)-$(os2)-aarch_64.zip else protoc_url = https://github.com/protocolbuffers/protobuf/releases/download/v$(protoc_version)/protoc-$(protoc_version)-$(os2)-$(arch1).zip diff --git a/go.mod b/go.mod index 2375ecb..180d7a0 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,6 @@ module github.com/spiffe/spire-api-sdk go 1.12 require ( - github.com/golang/protobuf v1.5.2 // indirect - google.golang.org/grpc v1.44.0 - google.golang.org/protobuf v1.27.1 + google.golang.org/grpc v1.48.0 + google.golang.org/protobuf v1.28.0 ) diff --git a/go.sum b/go.sum index b1816d2..e817934 100644 --- a/go.sum +++ b/go.sum @@ -8,15 +8,15 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= +github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= @@ -40,8 +40,9 @@ github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= +github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -63,8 +64,9 @@ golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20200822124328-c89045814202 h1:VvcQYSHwXgi7W+TpUR6A9g6Up98WAHf3f/ulnJ62IyA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -74,10 +76,14 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4 h1:myAQVi0cGEoqQVR5POX+8RR2mrocKqNN1hmeMqhX27k= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -98,8 +104,8 @@ google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg= -google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.48.0 h1:rQOsyJ/8+ufEDJd/Gdsz7HG220Mh9HAhFHRGnIjda0w= +google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -111,8 +117,9 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/proto/spire/api/agent/debug/v1/debug.pb.go b/proto/spire/api/agent/debug/v1/debug.pb.go index f3d1424..15de1e1 100644 --- a/proto/spire/api/agent/debug/v1/debug.pb.go +++ b/proto/spire/api/agent/debug/v1/debug.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/agent/debug/v1/debug.proto package debugv1 diff --git a/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.pb.go b/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.pb.go index df8f652..5255d2a 100644 --- a/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.pb.go +++ b/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/agent/delegatedidentity/v1/delegatedidentity.proto package delegatedidentityv1 @@ -276,6 +276,202 @@ func (x *SubscribeToX509BundlesResponse) GetCaCertificates() map[string][]byte { return nil } +type FetchJWTSVIDsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Required. The audience(s) the workload intends to authenticate against. + Audience []string `protobuf:"bytes,1,rep,name=audience,proto3" json:"audience,omitempty"` + // Required. Selectors describing the workload to fetch. + Selectors []*types.Selector `protobuf:"bytes,2,rep,name=selectors,proto3" json:"selectors,omitempty"` +} + +func (x *FetchJWTSVIDsRequest) Reset() { + *x = FetchJWTSVIDsRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FetchJWTSVIDsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FetchJWTSVIDsRequest) ProtoMessage() {} + +func (x *FetchJWTSVIDsRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FetchJWTSVIDsRequest.ProtoReflect.Descriptor instead. +func (*FetchJWTSVIDsRequest) Descriptor() ([]byte, []int) { + return file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDescGZIP(), []int{5} +} + +func (x *FetchJWTSVIDsRequest) GetAudience() []string { + if x != nil { + return x.Audience + } + return nil +} + +func (x *FetchJWTSVIDsRequest) GetSelectors() []*types.Selector { + if x != nil { + return x.Selectors + } + return nil +} + +// The FetchJWTSVIDsResponse message conveys JWT-SVIDs. +type FetchJWTSVIDsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Required. The list of returned JWT-SVIDs. + Svids []*types.JWTSVID `protobuf:"bytes,1,rep,name=svids,proto3" json:"svids,omitempty"` +} + +func (x *FetchJWTSVIDsResponse) Reset() { + *x = FetchJWTSVIDsResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FetchJWTSVIDsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FetchJWTSVIDsResponse) ProtoMessage() {} + +func (x *FetchJWTSVIDsResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FetchJWTSVIDsResponse.ProtoReflect.Descriptor instead. +func (*FetchJWTSVIDsResponse) Descriptor() ([]byte, []int) { + return file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDescGZIP(), []int{6} +} + +func (x *FetchJWTSVIDsResponse) GetSvids() []*types.JWTSVID { + if x != nil { + return x.Svids + } + return nil +} + +// The SubscribeToJWTBundlesRequest message conveys parameters for requesting JWKS bundles. +// There are currently no such parameters. +type SubscribeToJWTBundlesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *SubscribeToJWTBundlesRequest) Reset() { + *x = SubscribeToJWTBundlesRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SubscribeToJWTBundlesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SubscribeToJWTBundlesRequest) ProtoMessage() {} + +func (x *SubscribeToJWTBundlesRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SubscribeToJWTBundlesRequest.ProtoReflect.Descriptor instead. +func (*SubscribeToJWTBundlesRequest) Descriptor() ([]byte, []int) { + return file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDescGZIP(), []int{7} +} + +// The SubscribeToJWTBundlesReponse conveys JWKS bundles. +type SubscribeToJWTBundlesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Required. JWK encoded JWT bundles, keyed by the SPIFFE ID of the trust + // domain. + Bundles map[string][]byte `protobuf:"bytes,1,rep,name=bundles,proto3" json:"bundles,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` +} + +func (x *SubscribeToJWTBundlesResponse) Reset() { + *x = SubscribeToJWTBundlesResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *SubscribeToJWTBundlesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SubscribeToJWTBundlesResponse) ProtoMessage() {} + +func (x *SubscribeToJWTBundlesResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SubscribeToJWTBundlesResponse.ProtoReflect.Descriptor instead. +func (*SubscribeToJWTBundlesResponse) Descriptor() ([]byte, []int) { + return file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDescGZIP(), []int{8} +} + +func (x *SubscribeToJWTBundlesResponse) GetBundles() map[string][]byte { + if x != nil { + return x.Bundles + } + return nil +} + var File_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto protoreflect.FileDescriptor var file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDesc = []byte{ @@ -289,74 +485,121 @@ var file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDesc = 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x2e, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x6d, 0x0a, 0x0f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, - 0x57, 0x69, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x12, 0x36, 0x0a, 0x09, 0x78, 0x35, 0x30, 0x39, 0x5f, - 0x73, 0x76, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, - 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x58, 0x35, 0x30, - 0x39, 0x53, 0x56, 0x49, 0x44, 0x52, 0x08, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, 0x69, 0x64, 0x12, - 0x22, 0x0a, 0x0d, 0x78, 0x35, 0x30, 0x39, 0x5f, 0x73, 0x76, 0x69, 0x64, 0x5f, 0x6b, 0x65, 0x79, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0b, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, 0x69, 0x64, - 0x4b, 0x65, 0x79, 0x22, 0x56, 0x0a, 0x1b, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, - 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, - 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, - 0x52, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x22, 0x9b, 0x01, 0x0a, 0x1c, - 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, - 0x56, 0x49, 0x44, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x54, 0x0a, 0x0a, - 0x78, 0x35, 0x30, 0x39, 0x5f, 0x73, 0x76, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, - 0x32, 0x35, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, - 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, - 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, - 0x57, 0x69, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, 0x69, - 0x64, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x5f, - 0x77, 0x69, 0x74, 0x68, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x66, 0x65, 0x64, 0x65, - 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x22, 0x1f, 0x0a, 0x1d, 0x53, 0x75, 0x62, - 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, 0x6e, 0x64, - 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xe7, 0x01, 0x0a, 0x1e, 0x53, - 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, - 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x81, 0x01, - 0x0a, 0x0f, 0x63, 0x61, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, - 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x58, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, - 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x53, - 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, - 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x43, 0x61, - 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, - 0x79, 0x52, 0x0e, 0x63, 0x61, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, - 0x73, 0x1a, 0x41, 0x0a, 0x13, 0x43, 0x61, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, - 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, - 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, - 0x3a, 0x02, 0x38, 0x01, 0x32, 0xdd, 0x02, 0x0a, 0x11, 0x44, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, - 0x65, 0x64, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x9f, 0x01, 0x0a, 0x14, 0x53, + 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, + 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x6a, 0x77, 0x74, 0x73, 0x76, 0x69, 0x64, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x22, 0x6d, 0x0a, 0x0f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x57, + 0x69, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x12, 0x36, 0x0a, 0x09, 0x78, 0x35, 0x30, 0x39, 0x5f, 0x73, + 0x76, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x58, 0x35, 0x30, 0x39, + 0x53, 0x56, 0x49, 0x44, 0x52, 0x08, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, 0x69, 0x64, 0x12, 0x22, + 0x0a, 0x0d, 0x78, 0x35, 0x30, 0x39, 0x5f, 0x73, 0x76, 0x69, 0x64, 0x5f, 0x6b, 0x65, 0x79, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0b, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, 0x69, 0x64, 0x4b, + 0x65, 0x79, 0x22, 0x56, 0x0a, 0x1b, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, + 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x37, 0x0a, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x01, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, + 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x22, 0x9b, 0x01, 0x0a, 0x1c, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, - 0x49, 0x44, 0x73, 0x12, 0x41, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, - 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, - 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, - 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x73, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x42, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x49, 0x44, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x54, 0x0a, 0x0a, 0x78, + 0x35, 0x30, 0x39, 0x5f, 0x73, 0x76, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x35, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, + 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x57, + 0x69, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, 0x69, 0x64, + 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x5f, 0x77, + 0x69, 0x74, 0x68, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x66, 0x65, 0x64, 0x65, 0x72, + 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x22, 0x1f, 0x0a, 0x1d, 0x53, 0x75, 0x62, 0x73, + 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, 0x6e, 0x64, 0x6c, + 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xe7, 0x01, 0x0a, 0x1e, 0x53, 0x75, + 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, 0x6e, + 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x81, 0x01, 0x0a, + 0x0f, 0x63, 0x61, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, + 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x58, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, + 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, 0x6e, + 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x43, 0x61, 0x43, + 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, + 0x52, 0x0e, 0x63, 0x61, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, + 0x1a, 0x41, 0x0a, 0x13, 0x43, 0x61, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, + 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, + 0x02, 0x38, 0x01, 0x22, 0x6b, 0x0a, 0x14, 0x46, 0x65, 0x74, 0x63, 0x68, 0x4a, 0x57, 0x54, 0x53, + 0x56, 0x49, 0x44, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x61, + 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x08, 0x61, + 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x12, 0x37, 0x0a, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, + 0x74, 0x6f, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, + 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, + 0x22, 0x47, 0x0a, 0x15, 0x46, 0x65, 0x74, 0x63, 0x68, 0x4a, 0x57, 0x54, 0x53, 0x56, 0x49, 0x44, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2e, 0x0a, 0x05, 0x73, 0x76, 0x69, + 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x4a, 0x57, 0x54, 0x53, 0x56, + 0x49, 0x44, 0x52, 0x05, 0x73, 0x76, 0x69, 0x64, 0x73, 0x22, 0x1e, 0x0a, 0x1c, 0x53, 0x75, 0x62, + 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x4a, 0x57, 0x54, 0x42, 0x75, 0x6e, 0x64, 0x6c, + 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xc7, 0x01, 0x0a, 0x1d, 0x53, 0x75, + 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x4a, 0x57, 0x54, 0x42, 0x75, 0x6e, 0x64, + 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x6a, 0x0a, 0x07, 0x62, + 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x50, 0x2e, 0x73, + 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, + 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x4a, + 0x57, 0x54, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x2e, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, + 0x62, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x1a, 0x3a, 0x0a, 0x0c, 0x42, 0x75, 0x6e, 0x64, 0x6c, + 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, + 0x02, 0x38, 0x01, 0x32, 0x8d, 0x05, 0x0a, 0x11, 0x44, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, + 0x64, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x9f, 0x01, 0x0a, 0x14, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, - 0x44, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x30, 0x01, 0x12, 0xa5, 0x01, 0x0a, - 0x16, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, - 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x12, 0x43, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, - 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x53, - 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, - 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x44, 0x2e, 0x73, + 0x44, 0x73, 0x12, 0x41, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, + 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, + 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, + 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x73, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x42, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, + 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, + 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x30, 0x01, 0x12, 0xa5, 0x01, 0x0a, 0x16, + 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, + 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x12, 0x43, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, + 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, + 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, 0x30, 0x39, 0x42, 0x75, 0x6e, + 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x44, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, + 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, + 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, 0x35, + 0x30, 0x39, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x30, 0x01, 0x12, 0x88, 0x01, 0x0a, 0x0d, 0x46, 0x65, 0x74, 0x63, 0x68, 0x4a, 0x57, 0x54, + 0x53, 0x56, 0x49, 0x44, 0x73, 0x12, 0x3a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, + 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x65, 0x74, + 0x63, 0x68, 0x4a, 0x57, 0x54, 0x53, 0x56, 0x49, 0x44, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x3b, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, + 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, + 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x65, 0x74, 0x63, 0x68, 0x4a, 0x57, + 0x54, 0x53, 0x56, 0x49, 0x44, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0xa2, + 0x01, 0x0a, 0x15, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x4a, 0x57, + 0x54, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x12, 0x42, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, + 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, + 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x4a, 0x57, 0x54, 0x42, 0x75, + 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x43, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, - 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x58, - 0x35, 0x30, 0x39, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x30, 0x01, 0x42, 0x60, 0x5a, 0x5e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, - 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, - 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, - 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2f, 0x64, 0x65, - 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, - 0x76, 0x31, 0x3b, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, - 0x74, 0x69, 0x74, 0x79, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x75, 0x62, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, 0x54, 0x6f, 0x4a, + 0x57, 0x54, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x30, 0x01, 0x42, 0x60, 0x5a, 0x5e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, + 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, + 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, + 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2f, 0x64, 0x65, 0x6c, + 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x2f, 0x76, + 0x31, 0x3b, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x64, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -371,31 +614,44 @@ func file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDescGZ return file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDescData } -var file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes = make([]protoimpl.MessageInfo, 6) +var file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes = make([]protoimpl.MessageInfo, 11) var file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_goTypes = []interface{}{ (*X509SVIDWithKey)(nil), // 0: spire.api.agent.delegatedidentity.v1.X509SVIDWithKey (*SubscribeToX509SVIDsRequest)(nil), // 1: spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsRequest (*SubscribeToX509SVIDsResponse)(nil), // 2: spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsResponse (*SubscribeToX509BundlesRequest)(nil), // 3: spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesRequest (*SubscribeToX509BundlesResponse)(nil), // 4: spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse - nil, // 5: spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse.CaCertificatesEntry - (*types.X509SVID)(nil), // 6: spire.api.types.X509SVID - (*types.Selector)(nil), // 7: spire.api.types.Selector + (*FetchJWTSVIDsRequest)(nil), // 5: spire.api.agent.delegatedidentity.v1.FetchJWTSVIDsRequest + (*FetchJWTSVIDsResponse)(nil), // 6: spire.api.agent.delegatedidentity.v1.FetchJWTSVIDsResponse + (*SubscribeToJWTBundlesRequest)(nil), // 7: spire.api.agent.delegatedidentity.v1.SubscribeToJWTBundlesRequest + (*SubscribeToJWTBundlesResponse)(nil), // 8: spire.api.agent.delegatedidentity.v1.SubscribeToJWTBundlesResponse + nil, // 9: spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse.CaCertificatesEntry + nil, // 10: spire.api.agent.delegatedidentity.v1.SubscribeToJWTBundlesResponse.BundlesEntry + (*types.X509SVID)(nil), // 11: spire.api.types.X509SVID + (*types.Selector)(nil), // 12: spire.api.types.Selector + (*types.JWTSVID)(nil), // 13: spire.api.types.JWTSVID } var file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_depIdxs = []int32{ - 6, // 0: spire.api.agent.delegatedidentity.v1.X509SVIDWithKey.x509_svid:type_name -> spire.api.types.X509SVID - 7, // 1: spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsRequest.selectors:type_name -> spire.api.types.Selector - 0, // 2: spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsResponse.x509_svids:type_name -> spire.api.agent.delegatedidentity.v1.X509SVIDWithKey - 5, // 3: spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse.ca_certificates:type_name -> spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse.CaCertificatesEntry - 1, // 4: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509SVIDs:input_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsRequest - 3, // 5: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509Bundles:input_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesRequest - 2, // 6: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509SVIDs:output_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsResponse - 4, // 7: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509Bundles:output_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse - 6, // [6:8] is the sub-list for method output_type - 4, // [4:6] is the sub-list for method input_type - 4, // [4:4] is the sub-list for extension type_name - 4, // [4:4] is the sub-list for extension extendee - 0, // [0:4] is the sub-list for field type_name + 11, // 0: spire.api.agent.delegatedidentity.v1.X509SVIDWithKey.x509_svid:type_name -> spire.api.types.X509SVID + 12, // 1: spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsRequest.selectors:type_name -> spire.api.types.Selector + 0, // 2: spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsResponse.x509_svids:type_name -> spire.api.agent.delegatedidentity.v1.X509SVIDWithKey + 9, // 3: spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse.ca_certificates:type_name -> spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse.CaCertificatesEntry + 12, // 4: spire.api.agent.delegatedidentity.v1.FetchJWTSVIDsRequest.selectors:type_name -> spire.api.types.Selector + 13, // 5: spire.api.agent.delegatedidentity.v1.FetchJWTSVIDsResponse.svids:type_name -> spire.api.types.JWTSVID + 10, // 6: spire.api.agent.delegatedidentity.v1.SubscribeToJWTBundlesResponse.bundles:type_name -> spire.api.agent.delegatedidentity.v1.SubscribeToJWTBundlesResponse.BundlesEntry + 1, // 7: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509SVIDs:input_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsRequest + 3, // 8: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509Bundles:input_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesRequest + 5, // 9: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.FetchJWTSVIDs:input_type -> spire.api.agent.delegatedidentity.v1.FetchJWTSVIDsRequest + 7, // 10: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToJWTBundles:input_type -> spire.api.agent.delegatedidentity.v1.SubscribeToJWTBundlesRequest + 2, // 11: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509SVIDs:output_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509SVIDsResponse + 4, // 12: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToX509Bundles:output_type -> spire.api.agent.delegatedidentity.v1.SubscribeToX509BundlesResponse + 6, // 13: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.FetchJWTSVIDs:output_type -> spire.api.agent.delegatedidentity.v1.FetchJWTSVIDsResponse + 8, // 14: spire.api.agent.delegatedidentity.v1.DelegatedIdentity.SubscribeToJWTBundles:output_type -> spire.api.agent.delegatedidentity.v1.SubscribeToJWTBundlesResponse + 11, // [11:15] is the sub-list for method output_type + 7, // [7:11] is the sub-list for method input_type + 7, // [7:7] is the sub-list for extension type_name + 7, // [7:7] is the sub-list for extension extendee + 0, // [0:7] is the sub-list for field type_name } func init() { file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_init() } @@ -464,6 +720,54 @@ func file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_init() { return nil } } + file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FetchJWTSVIDsRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FetchJWTSVIDsResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SubscribeToJWTBundlesRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SubscribeToJWTBundlesResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } } type x struct{} out := protoimpl.TypeBuilder{ @@ -471,7 +775,7 @@ func file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_spire_api_agent_delegatedidentity_v1_delegatedidentity_proto_rawDesc, NumEnums: 0, - NumMessages: 6, + NumMessages: 11, NumExtensions: 0, NumServices: 1, }, diff --git a/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.proto b/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.proto index 6be0844..0c921a9 100644 --- a/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.proto +++ b/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.proto @@ -4,6 +4,7 @@ option go_package = "github.com/spiffe/spire-api-sdk/proto/spire/api/agent/deleg import "spire/api/types/selector.proto"; import "spire/api/types/x509svid.proto"; +import "spire/api/types/jwtsvid.proto"; // The delegatedIdentity service provides an interface to get the SVIDs of other // workloads on the host. This service is intended for use cases where a process @@ -22,6 +23,14 @@ service DelegatedIdentity { // Subscribe to get local and all federated bundles. // The lifetime of the subscription aligns to the lifetime of the stream. rpc SubscribeToX509Bundles(SubscribeToX509BundlesRequest) returns (stream SubscribeToX509BundlesResponse); + + // Fetch JWT-SVIDs for workloads that match the given selectors, and + // for the requested audience. + rpc FetchJWTSVIDs(FetchJWTSVIDsRequest) returns (FetchJWTSVIDsResponse); + + // Subscribe to get local and all federated JWKS bundles. + // The lifetime of the subscription aligns to the lifetime of the stream. + rpc SubscribeToJWTBundles(SubscribeToJWTBundlesRequest) returns (stream SubscribeToJWTBundlesResponse); } // X.509 SPIFFE Verifiable Identity Document with the private key. @@ -58,3 +67,29 @@ message SubscribeToX509BundlesResponse { // X.509 CA certificates as the values map ca_certificates = 1; } + +message FetchJWTSVIDsRequest { + // Required. The audience(s) the workload intends to authenticate against. + repeated string audience = 1; + + // Required. Selectors describing the workload to fetch. + repeated spire.api.types.Selector selectors = 2; +} + +// The FetchJWTSVIDsResponse message conveys JWT-SVIDs. +message FetchJWTSVIDsResponse { + // Required. The list of returned JWT-SVIDs. + repeated spire.api.types.JWTSVID svids = 1; +} + +// The SubscribeToJWTBundlesRequest message conveys parameters for requesting JWKS bundles. +// There are currently no such parameters. +message SubscribeToJWTBundlesRequest { +} + +// The SubscribeToJWTBundlesReponse conveys JWKS bundles. +message SubscribeToJWTBundlesResponse { + // Required. JWK encoded JWT bundles, keyed by the SPIFFE ID of the trust + // domain. + map bundles = 1; +} \ No newline at end of file diff --git a/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity_grpc.pb.go b/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity_grpc.pb.go index add6924..c2187a0 100644 --- a/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity_grpc.pb.go +++ b/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity_grpc.pb.go @@ -23,6 +23,12 @@ type DelegatedIdentityClient interface { // Subscribe to get local and all federated bundles. // The lifetime of the subscription aligns to the lifetime of the stream. SubscribeToX509Bundles(ctx context.Context, in *SubscribeToX509BundlesRequest, opts ...grpc.CallOption) (DelegatedIdentity_SubscribeToX509BundlesClient, error) + // Fetch JWT-SVIDs for workloads that match the given selectors, and + // for the requested audience. + FetchJWTSVIDs(ctx context.Context, in *FetchJWTSVIDsRequest, opts ...grpc.CallOption) (*FetchJWTSVIDsResponse, error) + // Subscribe to get local and all federated JWKS bundles. + // The lifetime of the subscription aligns to the lifetime of the stream. + SubscribeToJWTBundles(ctx context.Context, in *SubscribeToJWTBundlesRequest, opts ...grpc.CallOption) (DelegatedIdentity_SubscribeToJWTBundlesClient, error) } type delegatedIdentityClient struct { @@ -97,6 +103,47 @@ func (x *delegatedIdentitySubscribeToX509BundlesClient) Recv() (*SubscribeToX509 return m, nil } +func (c *delegatedIdentityClient) FetchJWTSVIDs(ctx context.Context, in *FetchJWTSVIDsRequest, opts ...grpc.CallOption) (*FetchJWTSVIDsResponse, error) { + out := new(FetchJWTSVIDsResponse) + err := c.cc.Invoke(ctx, "/spire.api.agent.delegatedidentity.v1.DelegatedIdentity/FetchJWTSVIDs", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *delegatedIdentityClient) SubscribeToJWTBundles(ctx context.Context, in *SubscribeToJWTBundlesRequest, opts ...grpc.CallOption) (DelegatedIdentity_SubscribeToJWTBundlesClient, error) { + stream, err := c.cc.NewStream(ctx, &_DelegatedIdentity_serviceDesc.Streams[2], "/spire.api.agent.delegatedidentity.v1.DelegatedIdentity/SubscribeToJWTBundles", opts...) + if err != nil { + return nil, err + } + x := &delegatedIdentitySubscribeToJWTBundlesClient{stream} + if err := x.ClientStream.SendMsg(in); err != nil { + return nil, err + } + if err := x.ClientStream.CloseSend(); err != nil { + return nil, err + } + return x, nil +} + +type DelegatedIdentity_SubscribeToJWTBundlesClient interface { + Recv() (*SubscribeToJWTBundlesResponse, error) + grpc.ClientStream +} + +type delegatedIdentitySubscribeToJWTBundlesClient struct { + grpc.ClientStream +} + +func (x *delegatedIdentitySubscribeToJWTBundlesClient) Recv() (*SubscribeToJWTBundlesResponse, error) { + m := new(SubscribeToJWTBundlesResponse) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} + // DelegatedIdentityServer is the server API for DelegatedIdentity service. // All implementations must embed UnimplementedDelegatedIdentityServer // for forward compatibility @@ -107,6 +154,12 @@ type DelegatedIdentityServer interface { // Subscribe to get local and all federated bundles. // The lifetime of the subscription aligns to the lifetime of the stream. SubscribeToX509Bundles(*SubscribeToX509BundlesRequest, DelegatedIdentity_SubscribeToX509BundlesServer) error + // Fetch JWT-SVIDs for workloads that match the given selectors, and + // for the requested audience. + FetchJWTSVIDs(context.Context, *FetchJWTSVIDsRequest) (*FetchJWTSVIDsResponse, error) + // Subscribe to get local and all federated JWKS bundles. + // The lifetime of the subscription aligns to the lifetime of the stream. + SubscribeToJWTBundles(*SubscribeToJWTBundlesRequest, DelegatedIdentity_SubscribeToJWTBundlesServer) error mustEmbedUnimplementedDelegatedIdentityServer() } @@ -120,6 +173,12 @@ func (UnimplementedDelegatedIdentityServer) SubscribeToX509SVIDs(*SubscribeToX50 func (UnimplementedDelegatedIdentityServer) SubscribeToX509Bundles(*SubscribeToX509BundlesRequest, DelegatedIdentity_SubscribeToX509BundlesServer) error { return status.Errorf(codes.Unimplemented, "method SubscribeToX509Bundles not implemented") } +func (UnimplementedDelegatedIdentityServer) FetchJWTSVIDs(context.Context, *FetchJWTSVIDsRequest) (*FetchJWTSVIDsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FetchJWTSVIDs not implemented") +} +func (UnimplementedDelegatedIdentityServer) SubscribeToJWTBundles(*SubscribeToJWTBundlesRequest, DelegatedIdentity_SubscribeToJWTBundlesServer) error { + return status.Errorf(codes.Unimplemented, "method SubscribeToJWTBundles not implemented") +} func (UnimplementedDelegatedIdentityServer) mustEmbedUnimplementedDelegatedIdentityServer() {} // UnsafeDelegatedIdentityServer may be embedded to opt out of forward compatibility for this service. @@ -175,10 +234,54 @@ func (x *delegatedIdentitySubscribeToX509BundlesServer) Send(m *SubscribeToX509B return x.ServerStream.SendMsg(m) } +func _DelegatedIdentity_FetchJWTSVIDs_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FetchJWTSVIDsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(DelegatedIdentityServer).FetchJWTSVIDs(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.agent.delegatedidentity.v1.DelegatedIdentity/FetchJWTSVIDs", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(DelegatedIdentityServer).FetchJWTSVIDs(ctx, req.(*FetchJWTSVIDsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _DelegatedIdentity_SubscribeToJWTBundles_Handler(srv interface{}, stream grpc.ServerStream) error { + m := new(SubscribeToJWTBundlesRequest) + if err := stream.RecvMsg(m); err != nil { + return err + } + return srv.(DelegatedIdentityServer).SubscribeToJWTBundles(m, &delegatedIdentitySubscribeToJWTBundlesServer{stream}) +} + +type DelegatedIdentity_SubscribeToJWTBundlesServer interface { + Send(*SubscribeToJWTBundlesResponse) error + grpc.ServerStream +} + +type delegatedIdentitySubscribeToJWTBundlesServer struct { + grpc.ServerStream +} + +func (x *delegatedIdentitySubscribeToJWTBundlesServer) Send(m *SubscribeToJWTBundlesResponse) error { + return x.ServerStream.SendMsg(m) +} + var _DelegatedIdentity_serviceDesc = grpc.ServiceDesc{ ServiceName: "spire.api.agent.delegatedidentity.v1.DelegatedIdentity", HandlerType: (*DelegatedIdentityServer)(nil), - Methods: []grpc.MethodDesc{}, + Methods: []grpc.MethodDesc{ + { + MethodName: "FetchJWTSVIDs", + Handler: _DelegatedIdentity_FetchJWTSVIDs_Handler, + }, + }, Streams: []grpc.StreamDesc{ { StreamName: "SubscribeToX509SVIDs", @@ -190,6 +293,11 @@ var _DelegatedIdentity_serviceDesc = grpc.ServiceDesc{ Handler: _DelegatedIdentity_SubscribeToX509Bundles_Handler, ServerStreams: true, }, + { + StreamName: "SubscribeToJWTBundles", + Handler: _DelegatedIdentity_SubscribeToJWTBundles_Handler, + ServerStreams: true, + }, }, Metadata: "spire/api/agent/delegatedidentity/v1/delegatedidentity.proto", } diff --git a/proto/spire/api/server/agent/v1/agent.pb.go b/proto/spire/api/server/agent/v1/agent.pb.go index 4f1a985..8f0de12 100644 --- a/proto/spire/api/server/agent/v1/agent.pb.go +++ b/proto/spire/api/server/agent/v1/agent.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/server/agent/v1/agent.proto package agentv1 @@ -27,6 +27,9 @@ type CountAgentsRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields + + // Filters the agents returned by the list operation. + Filter *CountAgentsRequest_Filter `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"` } func (x *CountAgentsRequest) Reset() { @@ -61,6 +64,13 @@ func (*CountAgentsRequest) Descriptor() ([]byte, []int) { return file_spire_api_server_agent_v1_agent_proto_rawDescGZIP(), []int{0} } +func (x *CountAgentsRequest) GetFilter() *CountAgentsRequest_Filter { + if x != nil { + return x.Filter + } + return nil +} + type CountAgentsResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -779,6 +789,176 @@ func (x *AgentX509SVIDParams) GetCsr() []byte { return nil } +type PostStatusRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Required. Serial number of the bundle currently being served by the agent + CurrentBundleSerial uint64 `protobuf:"varint,1,opt,name=current_bundle_serial,json=currentBundleSerial,proto3" json:"current_bundle_serial,omitempty"` +} + +func (x *PostStatusRequest) Reset() { + *x = PostStatusRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PostStatusRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PostStatusRequest) ProtoMessage() {} + +func (x *PostStatusRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[13] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PostStatusRequest.ProtoReflect.Descriptor instead. +func (*PostStatusRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_agent_v1_agent_proto_rawDescGZIP(), []int{13} +} + +func (x *PostStatusRequest) GetCurrentBundleSerial() uint64 { + if x != nil { + return x.CurrentBundleSerial + } + return 0 +} + +type PostStatusResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *PostStatusResponse) Reset() { + *x = PostStatusResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PostStatusResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PostStatusResponse) ProtoMessage() {} + +func (x *PostStatusResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[14] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PostStatusResponse.ProtoReflect.Descriptor instead. +func (*PostStatusResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_agent_v1_agent_proto_rawDescGZIP(), []int{14} +} + +type CountAgentsRequest_Filter struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Filters agents to those matching the attestation type. + ByAttestationType string `protobuf:"bytes,1,opt,name=by_attestation_type,json=byAttestationType,proto3" json:"by_attestation_type,omitempty"` + // Filters agents to those satisfying the selector match. + BySelectorMatch *types.SelectorMatch `protobuf:"bytes,2,opt,name=by_selector_match,json=bySelectorMatch,proto3" json:"by_selector_match,omitempty"` + // Filters agents to those that are banned. + ByBanned *wrapperspb.BoolValue `protobuf:"bytes,3,opt,name=by_banned,json=byBanned,proto3" json:"by_banned,omitempty"` + // Filters agents that can re-attest. + ByCanReattest *wrapperspb.BoolValue `protobuf:"bytes,4,opt,name=by_can_reattest,json=byCanReattest,proto3" json:"by_can_reattest,omitempty"` + // Filters agents by those expires before. + ByExpiresBefore string `protobuf:"bytes,5,opt,name=by_expires_before,json=byExpiresBefore,proto3" json:"by_expires_before,omitempty"` +} + +func (x *CountAgentsRequest_Filter) Reset() { + *x = CountAgentsRequest_Filter{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CountAgentsRequest_Filter) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CountAgentsRequest_Filter) ProtoMessage() {} + +func (x *CountAgentsRequest_Filter) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[15] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CountAgentsRequest_Filter.ProtoReflect.Descriptor instead. +func (*CountAgentsRequest_Filter) Descriptor() ([]byte, []int) { + return file_spire_api_server_agent_v1_agent_proto_rawDescGZIP(), []int{0, 0} +} + +func (x *CountAgentsRequest_Filter) GetByAttestationType() string { + if x != nil { + return x.ByAttestationType + } + return "" +} + +func (x *CountAgentsRequest_Filter) GetBySelectorMatch() *types.SelectorMatch { + if x != nil { + return x.BySelectorMatch + } + return nil +} + +func (x *CountAgentsRequest_Filter) GetByBanned() *wrapperspb.BoolValue { + if x != nil { + return x.ByBanned + } + return nil +} + +func (x *CountAgentsRequest_Filter) GetByCanReattest() *wrapperspb.BoolValue { + if x != nil { + return x.ByCanReattest + } + return nil +} + +func (x *CountAgentsRequest_Filter) GetByExpiresBefore() string { + if x != nil { + return x.ByExpiresBefore + } + return "" +} + type ListAgentsRequest_Filter struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -790,12 +970,16 @@ type ListAgentsRequest_Filter struct { BySelectorMatch *types.SelectorMatch `protobuf:"bytes,2,opt,name=by_selector_match,json=bySelectorMatch,proto3" json:"by_selector_match,omitempty"` // Filters agents to those that are banned. ByBanned *wrapperspb.BoolValue `protobuf:"bytes,3,opt,name=by_banned,json=byBanned,proto3" json:"by_banned,omitempty"` + // Filters agents that can re-attest. + ByCanReattest *wrapperspb.BoolValue `protobuf:"bytes,4,opt,name=by_can_reattest,json=byCanReattest,proto3" json:"by_can_reattest,omitempty"` + // Filters agents by those expires before. + ByExpiresBefore string `protobuf:"bytes,5,opt,name=by_expires_before,json=byExpiresBefore,proto3" json:"by_expires_before,omitempty"` } func (x *ListAgentsRequest_Filter) Reset() { *x = ListAgentsRequest_Filter{} if protoimpl.UnsafeEnabled { - mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[13] + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -808,7 +992,7 @@ func (x *ListAgentsRequest_Filter) String() string { func (*ListAgentsRequest_Filter) ProtoMessage() {} func (x *ListAgentsRequest_Filter) ProtoReflect() protoreflect.Message { - mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[13] + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[16] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -845,6 +1029,20 @@ func (x *ListAgentsRequest_Filter) GetByBanned() *wrapperspb.BoolValue { return nil } +func (x *ListAgentsRequest_Filter) GetByCanReattest() *wrapperspb.BoolValue { + if x != nil { + return x.ByCanReattest + } + return nil +} + +func (x *ListAgentsRequest_Filter) GetByExpiresBefore() string { + if x != nil { + return x.ByExpiresBefore + } + return "" +} + type AttestAgentRequest_Params struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -859,7 +1057,7 @@ type AttestAgentRequest_Params struct { func (x *AttestAgentRequest_Params) Reset() { *x = AttestAgentRequest_Params{} if protoimpl.UnsafeEnabled { - mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[14] + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[17] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -872,7 +1070,7 @@ func (x *AttestAgentRequest_Params) String() string { func (*AttestAgentRequest_Params) ProtoMessage() {} func (x *AttestAgentRequest_Params) ProtoReflect() protoreflect.Message { - mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[14] + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[17] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -909,12 +1107,14 @@ type AttestAgentResponse_Result struct { // The agent X509-SVID. Svid *types.X509SVID `protobuf:"bytes,1,opt,name=svid,proto3" json:"svid,omitempty"` + // Whether or not the attested agent can reattest to renew its X509-SVID + Reattestable bool `protobuf:"varint,2,opt,name=reattestable,proto3" json:"reattestable,omitempty"` } func (x *AttestAgentResponse_Result) Reset() { *x = AttestAgentResponse_Result{} if protoimpl.UnsafeEnabled { - mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[15] + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -927,7 +1127,7 @@ func (x *AttestAgentResponse_Result) String() string { func (*AttestAgentResponse_Result) ProtoMessage() {} func (x *AttestAgentResponse_Result) ProtoReflect() protoreflect.Message { - mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[15] + mi := &file_spire_api_server_agent_v1_agent_proto_msgTypes[18] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -950,6 +1150,13 @@ func (x *AttestAgentResponse_Result) GetSvid() *types.X509SVID { return nil } +func (x *AttestAgentResponse_Result) GetReattestable() bool { + if x != nil { + return x.Reattestable + } + return false +} + var File_spire_api_server_agent_v1_agent_proto protoreflect.FileDescriptor var file_spire_api_server_agent_v1_agent_proto_rawDesc = []byte{ @@ -973,165 +1180,211 @@ var file_spire_api_server_agent_v1_agent_proto_rawDesc = []byte{ 0x73, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x22, 0x14, 0x0a, 0x12, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x2b, 0x0a, 0x13, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, - 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, - 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x22, 0x99, 0x03, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, - 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4b, 0x0a, 0x06, 0x66, 0x69, 0x6c, - 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x73, 0x70, 0x69, 0x72, - 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, - 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, - 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, - 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, - 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, - 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x67, - 0x65, 0x6e, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, - 0x61, 0x73, 0x6b, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, - 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, - 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x1a, - 0xbd, 0x01, 0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x2e, 0x0a, 0x13, 0x62, 0x79, - 0x5f, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, - 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x62, 0x79, 0x41, 0x74, 0x74, 0x65, 0x73, - 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x4a, 0x0a, 0x11, 0x62, 0x79, - 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, - 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x0f, 0x62, 0x79, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, - 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x37, 0x0a, 0x09, 0x62, 0x79, 0x5f, 0x62, 0x61, 0x6e, - 0x6e, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, - 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x62, 0x79, 0x42, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x22, - 0x6c, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2e, 0x0a, 0x06, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x18, - 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x06, 0x61, - 0x67, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, - 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, - 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x79, 0x0a, - 0x0f, 0x47, 0x65, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x12, 0x29, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, - 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, - 0x50, 0x49, 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, - 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, - 0x65, 0x73, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, - 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0x3f, 0x0a, 0x12, 0x44, 0x65, 0x6c, 0x65, - 0x74, 0x65, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x29, - 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, - 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, - 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x22, 0x3c, 0x0a, 0x0f, 0x42, 0x61, 0x6e, - 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x29, 0x0a, 0x02, - 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, - 0x45, 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x22, 0xa6, 0x02, 0x0a, 0x12, 0x41, 0x74, 0x74, 0x65, - 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4e, - 0x0a, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, - 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, - 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, - 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x50, 0x61, - 0x72, 0x61, 0x6d, 0x73, 0x48, 0x00, 0x52, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x2f, - 0x0a, 0x12, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x5f, 0x72, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x11, 0x63, 0x68, - 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x1a, - 0x86, 0x01, 0x0a, 0x06, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x34, 0x0a, 0x04, 0x64, 0x61, - 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, - 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x44, 0x61, 0x74, 0x61, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, - 0x12, 0x46, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x67, 0x65, - 0x6e, 0x74, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, - 0x52, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x42, 0x06, 0x0a, 0x04, 0x73, 0x74, 0x65, 0x70, - 0x22, 0xc7, 0x01, 0x0a, 0x13, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, - 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4f, 0x0a, 0x06, 0x72, 0x65, 0x73, 0x75, - 0x6c, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x22, 0x92, 0x03, 0x0a, 0x12, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4c, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, + 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, + 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x1a, 0xad, 0x02, 0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, + 0x12, 0x2e, 0x0a, 0x13, 0x62, 0x79, 0x5f, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x62, + 0x79, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, + 0x12, 0x4a, 0x0a, 0x11, 0x62, 0x79, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, + 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, + 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x0f, 0x62, 0x79, 0x53, + 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x37, 0x0a, 0x09, + 0x62, 0x79, 0x5f, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x62, 0x79, 0x42, + 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x12, 0x42, 0x0a, 0x0f, 0x62, 0x79, 0x5f, 0x63, 0x61, 0x6e, 0x5f, + 0x72, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0d, 0x62, 0x79, 0x43, 0x61, + 0x6e, 0x52, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x12, 0x2a, 0x0a, 0x11, 0x62, 0x79, 0x5f, + 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x62, 0x79, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x42, + 0x65, 0x66, 0x6f, 0x72, 0x65, 0x22, 0x2b, 0x0a, 0x13, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, + 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x63, 0x6f, 0x75, + 0x6e, 0x74, 0x22, 0x89, 0x04, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, + 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4b, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, + 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, - 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, - 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x48, - 0x00, 0x52, 0x06, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x1e, 0x0a, 0x09, 0x63, 0x68, 0x61, - 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x09, - 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x1a, 0x37, 0x0a, 0x06, 0x52, 0x65, 0x73, - 0x75, 0x6c, 0x74, 0x12, 0x2d, 0x0a, 0x04, 0x73, 0x76, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, - 0x70, 0x65, 0x73, 0x2e, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x52, 0x04, 0x73, 0x76, - 0x69, 0x64, 0x42, 0x06, 0x0a, 0x04, 0x73, 0x74, 0x65, 0x70, 0x22, 0x5b, 0x0a, 0x11, 0x52, 0x65, - 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, - 0x46, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, + 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x67, 0x65, + 0x6e, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, + 0x73, 0x6b, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, + 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x04, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x1a, 0xad, + 0x02, 0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x2e, 0x0a, 0x13, 0x62, 0x79, 0x5f, + 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x62, 0x79, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x4a, 0x0a, 0x11, 0x62, 0x79, 0x5f, + 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x4d, + 0x61, 0x74, 0x63, 0x68, 0x52, 0x0f, 0x62, 0x79, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x4d, 0x61, 0x74, 0x63, 0x68, 0x12, 0x37, 0x0a, 0x09, 0x62, 0x79, 0x5f, 0x62, 0x61, 0x6e, 0x6e, + 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, + 0x61, 0x6c, 0x75, 0x65, 0x52, 0x08, 0x62, 0x79, 0x42, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x12, 0x42, + 0x0a, 0x0f, 0x62, 0x79, 0x5f, 0x63, 0x61, 0x6e, 0x5f, 0x72, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, + 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, + 0x6c, 0x75, 0x65, 0x52, 0x0d, 0x62, 0x79, 0x43, 0x61, 0x6e, 0x52, 0x65, 0x61, 0x74, 0x74, 0x65, + 0x73, 0x74, 0x12, 0x2a, 0x0a, 0x11, 0x62, 0x79, 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, + 0x5f, 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x62, + 0x79, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x42, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x22, 0x6c, + 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2e, 0x0a, 0x06, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x01, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x06, 0x61, 0x67, + 0x65, 0x6e, 0x74, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x67, + 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, + 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x79, 0x0a, 0x0f, + 0x47, 0x65, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x29, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, + 0x49, 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, + 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, + 0x73, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, 0x74, + 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0x3f, 0x0a, 0x12, 0x44, 0x65, 0x6c, 0x65, 0x74, + 0x65, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x29, 0x0a, + 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, + 0x46, 0x45, 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x22, 0x3c, 0x0a, 0x0f, 0x42, 0x61, 0x6e, 0x41, + 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x29, 0x0a, 0x02, 0x69, + 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, + 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x22, 0xa6, 0x02, 0x0a, 0x12, 0x41, 0x74, 0x74, 0x65, 0x73, + 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4e, 0x0a, + 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, 0x2e, + 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, + 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x50, 0x61, 0x72, + 0x61, 0x6d, 0x73, 0x48, 0x00, 0x52, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x2f, 0x0a, + 0x12, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x11, 0x63, 0x68, 0x61, + 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x1a, 0x86, + 0x01, 0x0a, 0x06, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x34, 0x0a, 0x04, 0x64, 0x61, 0x74, + 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x44, 0x61, 0x74, 0x61, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x12, + 0x46, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, - 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x22, 0x43, 0x0a, 0x12, 0x52, 0x65, 0x6e, 0x65, 0x77, - 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2d, 0x0a, - 0x04, 0x73, 0x76, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, - 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x58, 0x35, - 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x52, 0x04, 0x73, 0x76, 0x69, 0x64, 0x22, 0x76, 0x0a, 0x16, - 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4a, 0x6f, 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x74, 0x74, 0x6c, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x05, 0x52, 0x03, 0x74, 0x74, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, - 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x34, - 0x0a, 0x08, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, + 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x42, 0x06, 0x0a, 0x04, 0x73, 0x74, 0x65, 0x70, 0x22, + 0xeb, 0x01, 0x0a, 0x13, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4f, 0x0a, 0x06, 0x72, 0x65, 0x73, 0x75, 0x6c, + 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x48, 0x00, + 0x52, 0x06, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x1e, 0x0a, 0x09, 0x63, 0x68, 0x61, 0x6c, + 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x09, 0x63, + 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x1a, 0x5b, 0x0a, 0x06, 0x52, 0x65, 0x73, 0x75, + 0x6c, 0x74, 0x12, 0x2d, 0x0a, 0x04, 0x73, 0x76, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, - 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, 0x07, 0x61, 0x67, 0x65, - 0x6e, 0x74, 0x49, 0x64, 0x22, 0x27, 0x0a, 0x13, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x58, 0x35, 0x30, - 0x39, 0x53, 0x56, 0x49, 0x44, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x63, - 0x73, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x03, 0x63, 0x73, 0x72, 0x32, 0x95, 0x06, - 0x0a, 0x05, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x6c, 0x0a, 0x0b, 0x43, 0x6f, 0x75, 0x6e, 0x74, - 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, - 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, - 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, + 0x65, 0x73, 0x2e, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x52, 0x04, 0x73, 0x76, 0x69, + 0x64, 0x12, 0x22, 0x0a, 0x0c, 0x72, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x62, 0x6c, + 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x72, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, + 0x74, 0x61, 0x62, 0x6c, 0x65, 0x42, 0x06, 0x0a, 0x04, 0x73, 0x74, 0x65, 0x70, 0x22, 0x5b, 0x0a, + 0x11, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x46, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x41, + 0x67, 0x65, 0x6e, 0x74, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x50, 0x61, 0x72, 0x61, + 0x6d, 0x73, 0x52, 0x06, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x22, 0x43, 0x0a, 0x12, 0x52, 0x65, + 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x2d, 0x0a, 0x04, 0x73, 0x76, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, + 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, + 0x2e, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x52, 0x04, 0x73, 0x76, 0x69, 0x64, 0x22, + 0x76, 0x0a, 0x16, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4a, 0x6f, 0x69, 0x6e, 0x54, 0x6f, 0x6b, + 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x74, 0x74, 0x6c, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x74, 0x74, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x74, + 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, + 0x6e, 0x12, 0x34, 0x0a, 0x08, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, 0x07, + 0x61, 0x67, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x22, 0x27, 0x0a, 0x13, 0x41, 0x67, 0x65, 0x6e, 0x74, + 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, 0x10, + 0x0a, 0x03, 0x63, 0x73, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x03, 0x63, 0x73, 0x72, + 0x22, 0x47, 0x0a, 0x11, 0x50, 0x6f, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x32, 0x0a, 0x15, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, + 0x5f, 0x62, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x04, 0x52, 0x13, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x42, 0x75, 0x6e, + 0x64, 0x6c, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x22, 0x14, 0x0a, 0x12, 0x50, 0x6f, 0x73, + 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, + 0x80, 0x07, 0x0a, 0x05, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x6c, 0x0a, 0x0b, 0x43, 0x6f, 0x75, + 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, + 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, + 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x69, 0x0a, 0x0a, 0x4c, 0x69, 0x73, 0x74, 0x41, + 0x67, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x2c, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, - 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x69, 0x0a, 0x0a, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, - 0x6e, 0x74, 0x73, 0x12, 0x2c, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, - 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, - 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x4e, 0x0a, 0x08, 0x47, 0x65, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x2a, 0x2e, 0x73, - 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, - 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x67, 0x65, 0x6e, - 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, - 0x12, 0x54, 0x0a, 0x0b, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, - 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, - 0x74, 0x65, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x4e, 0x0a, 0x08, 0x42, 0x61, 0x6e, 0x41, 0x67, 0x65, - 0x6e, 0x74, 0x12, 0x2a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x42, - 0x61, 0x6e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x70, 0x0a, 0x0b, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, - 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, - 0x31, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x4c, 0x69, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x4e, 0x0a, 0x08, 0x47, 0x65, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x2a, + 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x67, + 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x73, 0x70, 0x69, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x41, 0x67, 0x65, + 0x6e, 0x74, 0x12, 0x54, 0x0a, 0x0b, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x67, 0x65, 0x6e, + 0x74, 0x12, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, + 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x4e, 0x0a, 0x08, 0x42, 0x61, 0x6e, 0x41, + 0x67, 0x65, 0x6e, 0x74, 0x12, 0x2a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, - 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x28, 0x01, 0x30, 0x01, 0x12, 0x69, 0x0a, 0x0a, 0x52, 0x65, 0x6e, 0x65, - 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x2c, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x2e, 0x42, 0x61, 0x6e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, + 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x70, 0x0a, 0x0b, 0x41, 0x74, 0x74, 0x65, + 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, - 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, - 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, - 0x2e, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x12, 0x60, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4a, 0x6f, 0x69, - 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x31, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x76, 0x31, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x28, 0x01, 0x30, 0x01, 0x12, 0x69, 0x0a, 0x0a, 0x52, 0x65, + 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x2c, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, + 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, - 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4a, 0x6f, 0x69, 0x6e, 0x54, 0x6f, 0x6b, - 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, - 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x4a, 0x6f, 0x69, 0x6e, - 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x49, 0x5a, 0x47, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, - 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, - 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, - 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x76, 0x31, - 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x60, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4a, + 0x6f, 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x31, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, + 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4a, 0x6f, 0x69, 0x6e, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x4a, 0x6f, + 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x69, 0x0a, 0x0a, 0x50, 0x6f, 0x73, 0x74, 0x53, + 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x2c, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, + 0x31, 0x2e, 0x50, 0x6f, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x2e, 0x76, 0x31, 0x2e, + 0x50, 0x6f, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x42, 0x49, 0x5a, 0x47, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, + 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, + 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, + 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x61, 0x67, 0x65, + 0x6e, 0x74, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x76, 0x31, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1146,7 +1399,7 @@ func file_spire_api_server_agent_v1_agent_proto_rawDescGZIP() []byte { return file_spire_api_server_agent_v1_agent_proto_rawDescData } -var file_spire_api_server_agent_v1_agent_proto_msgTypes = make([]protoimpl.MessageInfo, 16) +var file_spire_api_server_agent_v1_agent_proto_msgTypes = make([]protoimpl.MessageInfo, 19) var file_spire_api_server_agent_v1_agent_proto_goTypes = []interface{}{ (*CountAgentsRequest)(nil), // 0: spire.api.server.agent.v1.CountAgentsRequest (*CountAgentsResponse)(nil), // 1: spire.api.server.agent.v1.CountAgentsResponse @@ -1161,58 +1414,68 @@ var file_spire_api_server_agent_v1_agent_proto_goTypes = []interface{}{ (*RenewAgentResponse)(nil), // 10: spire.api.server.agent.v1.RenewAgentResponse (*CreateJoinTokenRequest)(nil), // 11: spire.api.server.agent.v1.CreateJoinTokenRequest (*AgentX509SVIDParams)(nil), // 12: spire.api.server.agent.v1.AgentX509SVIDParams - (*ListAgentsRequest_Filter)(nil), // 13: spire.api.server.agent.v1.ListAgentsRequest.Filter - (*AttestAgentRequest_Params)(nil), // 14: spire.api.server.agent.v1.AttestAgentRequest.Params - (*AttestAgentResponse_Result)(nil), // 15: spire.api.server.agent.v1.AttestAgentResponse.Result - (*types.AgentMask)(nil), // 16: spire.api.types.AgentMask - (*types.Agent)(nil), // 17: spire.api.types.Agent - (*types.SPIFFEID)(nil), // 18: spire.api.types.SPIFFEID - (*types.X509SVID)(nil), // 19: spire.api.types.X509SVID - (*types.SelectorMatch)(nil), // 20: spire.api.types.SelectorMatch - (*wrapperspb.BoolValue)(nil), // 21: google.protobuf.BoolValue - (*types.AttestationData)(nil), // 22: spire.api.types.AttestationData - (*emptypb.Empty)(nil), // 23: google.protobuf.Empty - (*types.JoinToken)(nil), // 24: spire.api.types.JoinToken + (*PostStatusRequest)(nil), // 13: spire.api.server.agent.v1.PostStatusRequest + (*PostStatusResponse)(nil), // 14: spire.api.server.agent.v1.PostStatusResponse + (*CountAgentsRequest_Filter)(nil), // 15: spire.api.server.agent.v1.CountAgentsRequest.Filter + (*ListAgentsRequest_Filter)(nil), // 16: spire.api.server.agent.v1.ListAgentsRequest.Filter + (*AttestAgentRequest_Params)(nil), // 17: spire.api.server.agent.v1.AttestAgentRequest.Params + (*AttestAgentResponse_Result)(nil), // 18: spire.api.server.agent.v1.AttestAgentResponse.Result + (*types.AgentMask)(nil), // 19: spire.api.types.AgentMask + (*types.Agent)(nil), // 20: spire.api.types.Agent + (*types.SPIFFEID)(nil), // 21: spire.api.types.SPIFFEID + (*types.X509SVID)(nil), // 22: spire.api.types.X509SVID + (*types.SelectorMatch)(nil), // 23: spire.api.types.SelectorMatch + (*wrapperspb.BoolValue)(nil), // 24: google.protobuf.BoolValue + (*types.AttestationData)(nil), // 25: spire.api.types.AttestationData + (*emptypb.Empty)(nil), // 26: google.protobuf.Empty + (*types.JoinToken)(nil), // 27: spire.api.types.JoinToken } var file_spire_api_server_agent_v1_agent_proto_depIdxs = []int32{ - 13, // 0: spire.api.server.agent.v1.ListAgentsRequest.filter:type_name -> spire.api.server.agent.v1.ListAgentsRequest.Filter - 16, // 1: spire.api.server.agent.v1.ListAgentsRequest.output_mask:type_name -> spire.api.types.AgentMask - 17, // 2: spire.api.server.agent.v1.ListAgentsResponse.agents:type_name -> spire.api.types.Agent - 18, // 3: spire.api.server.agent.v1.GetAgentRequest.id:type_name -> spire.api.types.SPIFFEID - 16, // 4: spire.api.server.agent.v1.GetAgentRequest.output_mask:type_name -> spire.api.types.AgentMask - 18, // 5: spire.api.server.agent.v1.DeleteAgentRequest.id:type_name -> spire.api.types.SPIFFEID - 18, // 6: spire.api.server.agent.v1.BanAgentRequest.id:type_name -> spire.api.types.SPIFFEID - 14, // 7: spire.api.server.agent.v1.AttestAgentRequest.params:type_name -> spire.api.server.agent.v1.AttestAgentRequest.Params - 15, // 8: spire.api.server.agent.v1.AttestAgentResponse.result:type_name -> spire.api.server.agent.v1.AttestAgentResponse.Result - 12, // 9: spire.api.server.agent.v1.RenewAgentRequest.params:type_name -> spire.api.server.agent.v1.AgentX509SVIDParams - 19, // 10: spire.api.server.agent.v1.RenewAgentResponse.svid:type_name -> spire.api.types.X509SVID - 18, // 11: spire.api.server.agent.v1.CreateJoinTokenRequest.agent_id:type_name -> spire.api.types.SPIFFEID - 20, // 12: spire.api.server.agent.v1.ListAgentsRequest.Filter.by_selector_match:type_name -> spire.api.types.SelectorMatch - 21, // 13: spire.api.server.agent.v1.ListAgentsRequest.Filter.by_banned:type_name -> google.protobuf.BoolValue - 22, // 14: spire.api.server.agent.v1.AttestAgentRequest.Params.data:type_name -> spire.api.types.AttestationData - 12, // 15: spire.api.server.agent.v1.AttestAgentRequest.Params.params:type_name -> spire.api.server.agent.v1.AgentX509SVIDParams - 19, // 16: spire.api.server.agent.v1.AttestAgentResponse.Result.svid:type_name -> spire.api.types.X509SVID - 0, // 17: spire.api.server.agent.v1.Agent.CountAgents:input_type -> spire.api.server.agent.v1.CountAgentsRequest - 2, // 18: spire.api.server.agent.v1.Agent.ListAgents:input_type -> spire.api.server.agent.v1.ListAgentsRequest - 4, // 19: spire.api.server.agent.v1.Agent.GetAgent:input_type -> spire.api.server.agent.v1.GetAgentRequest - 5, // 20: spire.api.server.agent.v1.Agent.DeleteAgent:input_type -> spire.api.server.agent.v1.DeleteAgentRequest - 6, // 21: spire.api.server.agent.v1.Agent.BanAgent:input_type -> spire.api.server.agent.v1.BanAgentRequest - 7, // 22: spire.api.server.agent.v1.Agent.AttestAgent:input_type -> spire.api.server.agent.v1.AttestAgentRequest - 9, // 23: spire.api.server.agent.v1.Agent.RenewAgent:input_type -> spire.api.server.agent.v1.RenewAgentRequest - 11, // 24: spire.api.server.agent.v1.Agent.CreateJoinToken:input_type -> spire.api.server.agent.v1.CreateJoinTokenRequest - 1, // 25: spire.api.server.agent.v1.Agent.CountAgents:output_type -> spire.api.server.agent.v1.CountAgentsResponse - 3, // 26: spire.api.server.agent.v1.Agent.ListAgents:output_type -> spire.api.server.agent.v1.ListAgentsResponse - 17, // 27: spire.api.server.agent.v1.Agent.GetAgent:output_type -> spire.api.types.Agent - 23, // 28: spire.api.server.agent.v1.Agent.DeleteAgent:output_type -> google.protobuf.Empty - 23, // 29: spire.api.server.agent.v1.Agent.BanAgent:output_type -> google.protobuf.Empty - 8, // 30: spire.api.server.agent.v1.Agent.AttestAgent:output_type -> spire.api.server.agent.v1.AttestAgentResponse - 10, // 31: spire.api.server.agent.v1.Agent.RenewAgent:output_type -> spire.api.server.agent.v1.RenewAgentResponse - 24, // 32: spire.api.server.agent.v1.Agent.CreateJoinToken:output_type -> spire.api.types.JoinToken - 25, // [25:33] is the sub-list for method output_type - 17, // [17:25] is the sub-list for method input_type - 17, // [17:17] is the sub-list for extension type_name - 17, // [17:17] is the sub-list for extension extendee - 0, // [0:17] is the sub-list for field type_name + 15, // 0: spire.api.server.agent.v1.CountAgentsRequest.filter:type_name -> spire.api.server.agent.v1.CountAgentsRequest.Filter + 16, // 1: spire.api.server.agent.v1.ListAgentsRequest.filter:type_name -> spire.api.server.agent.v1.ListAgentsRequest.Filter + 19, // 2: spire.api.server.agent.v1.ListAgentsRequest.output_mask:type_name -> spire.api.types.AgentMask + 20, // 3: spire.api.server.agent.v1.ListAgentsResponse.agents:type_name -> spire.api.types.Agent + 21, // 4: spire.api.server.agent.v1.GetAgentRequest.id:type_name -> spire.api.types.SPIFFEID + 19, // 5: spire.api.server.agent.v1.GetAgentRequest.output_mask:type_name -> spire.api.types.AgentMask + 21, // 6: spire.api.server.agent.v1.DeleteAgentRequest.id:type_name -> spire.api.types.SPIFFEID + 21, // 7: spire.api.server.agent.v1.BanAgentRequest.id:type_name -> spire.api.types.SPIFFEID + 17, // 8: spire.api.server.agent.v1.AttestAgentRequest.params:type_name -> spire.api.server.agent.v1.AttestAgentRequest.Params + 18, // 9: spire.api.server.agent.v1.AttestAgentResponse.result:type_name -> spire.api.server.agent.v1.AttestAgentResponse.Result + 12, // 10: spire.api.server.agent.v1.RenewAgentRequest.params:type_name -> spire.api.server.agent.v1.AgentX509SVIDParams + 22, // 11: spire.api.server.agent.v1.RenewAgentResponse.svid:type_name -> spire.api.types.X509SVID + 21, // 12: spire.api.server.agent.v1.CreateJoinTokenRequest.agent_id:type_name -> spire.api.types.SPIFFEID + 23, // 13: spire.api.server.agent.v1.CountAgentsRequest.Filter.by_selector_match:type_name -> spire.api.types.SelectorMatch + 24, // 14: spire.api.server.agent.v1.CountAgentsRequest.Filter.by_banned:type_name -> google.protobuf.BoolValue + 24, // 15: spire.api.server.agent.v1.CountAgentsRequest.Filter.by_can_reattest:type_name -> google.protobuf.BoolValue + 23, // 16: spire.api.server.agent.v1.ListAgentsRequest.Filter.by_selector_match:type_name -> spire.api.types.SelectorMatch + 24, // 17: spire.api.server.agent.v1.ListAgentsRequest.Filter.by_banned:type_name -> google.protobuf.BoolValue + 24, // 18: spire.api.server.agent.v1.ListAgentsRequest.Filter.by_can_reattest:type_name -> google.protobuf.BoolValue + 25, // 19: spire.api.server.agent.v1.AttestAgentRequest.Params.data:type_name -> spire.api.types.AttestationData + 12, // 20: spire.api.server.agent.v1.AttestAgentRequest.Params.params:type_name -> spire.api.server.agent.v1.AgentX509SVIDParams + 22, // 21: spire.api.server.agent.v1.AttestAgentResponse.Result.svid:type_name -> spire.api.types.X509SVID + 0, // 22: spire.api.server.agent.v1.Agent.CountAgents:input_type -> spire.api.server.agent.v1.CountAgentsRequest + 2, // 23: spire.api.server.agent.v1.Agent.ListAgents:input_type -> spire.api.server.agent.v1.ListAgentsRequest + 4, // 24: spire.api.server.agent.v1.Agent.GetAgent:input_type -> spire.api.server.agent.v1.GetAgentRequest + 5, // 25: spire.api.server.agent.v1.Agent.DeleteAgent:input_type -> spire.api.server.agent.v1.DeleteAgentRequest + 6, // 26: spire.api.server.agent.v1.Agent.BanAgent:input_type -> spire.api.server.agent.v1.BanAgentRequest + 7, // 27: spire.api.server.agent.v1.Agent.AttestAgent:input_type -> spire.api.server.agent.v1.AttestAgentRequest + 9, // 28: spire.api.server.agent.v1.Agent.RenewAgent:input_type -> spire.api.server.agent.v1.RenewAgentRequest + 11, // 29: spire.api.server.agent.v1.Agent.CreateJoinToken:input_type -> spire.api.server.agent.v1.CreateJoinTokenRequest + 13, // 30: spire.api.server.agent.v1.Agent.PostStatus:input_type -> spire.api.server.agent.v1.PostStatusRequest + 1, // 31: spire.api.server.agent.v1.Agent.CountAgents:output_type -> spire.api.server.agent.v1.CountAgentsResponse + 3, // 32: spire.api.server.agent.v1.Agent.ListAgents:output_type -> spire.api.server.agent.v1.ListAgentsResponse + 20, // 33: spire.api.server.agent.v1.Agent.GetAgent:output_type -> spire.api.types.Agent + 26, // 34: spire.api.server.agent.v1.Agent.DeleteAgent:output_type -> google.protobuf.Empty + 26, // 35: spire.api.server.agent.v1.Agent.BanAgent:output_type -> google.protobuf.Empty + 8, // 36: spire.api.server.agent.v1.Agent.AttestAgent:output_type -> spire.api.server.agent.v1.AttestAgentResponse + 10, // 37: spire.api.server.agent.v1.Agent.RenewAgent:output_type -> spire.api.server.agent.v1.RenewAgentResponse + 27, // 38: spire.api.server.agent.v1.Agent.CreateJoinToken:output_type -> spire.api.types.JoinToken + 14, // 39: spire.api.server.agent.v1.Agent.PostStatus:output_type -> spire.api.server.agent.v1.PostStatusResponse + 31, // [31:40] is the sub-list for method output_type + 22, // [22:31] is the sub-list for method input_type + 22, // [22:22] is the sub-list for extension type_name + 22, // [22:22] is the sub-list for extension extendee + 0, // [0:22] is the sub-list for field type_name } func init() { file_spire_api_server_agent_v1_agent_proto_init() } @@ -1378,7 +1641,7 @@ func file_spire_api_server_agent_v1_agent_proto_init() { } } file_spire_api_server_agent_v1_agent_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ListAgentsRequest_Filter); i { + switch v := v.(*PostStatusRequest); i { case 0: return &v.state case 1: @@ -1390,7 +1653,7 @@ func file_spire_api_server_agent_v1_agent_proto_init() { } } file_spire_api_server_agent_v1_agent_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*AttestAgentRequest_Params); i { + switch v := v.(*PostStatusResponse); i { case 0: return &v.state case 1: @@ -1402,6 +1665,42 @@ func file_spire_api_server_agent_v1_agent_proto_init() { } } file_spire_api_server_agent_v1_agent_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CountAgentsRequest_Filter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_agent_v1_agent_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ListAgentsRequest_Filter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_agent_v1_agent_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*AttestAgentRequest_Params); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_agent_v1_agent_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*AttestAgentResponse_Result); i { case 0: return &v.state @@ -1428,7 +1727,7 @@ func file_spire_api_server_agent_v1_agent_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_spire_api_server_agent_v1_agent_proto_rawDesc, NumEnums: 0, - NumMessages: 16, + NumMessages: 19, NumExtensions: 0, NumServices: 1, }, diff --git a/proto/spire/api/server/agent/v1/agent.proto b/proto/spire/api/server/agent/v1/agent.proto index 62e5f9c..1679819 100644 --- a/proto/spire/api/server/agent/v1/agent.proto +++ b/proto/spire/api/server/agent/v1/agent.proto @@ -58,9 +58,35 @@ service Agent { // // The caller must be local or present an admin X509-SVID. rpc CreateJoinToken(CreateJoinTokenRequest) returns (spire.api.types.JoinToken); + + // PostStatus post Agent status, informing what's the current + // bundle that is being used by the agent. + // + // The caller must present an active agent X509-SVID, i.e. the X509-SVID + // returned by the AttestAgent or the most recent RenewAgent call. + rpc PostStatus(PostStatusRequest) returns (PostStatusResponse); } message CountAgentsRequest { + message Filter { + // Filters agents to those matching the attestation type. + string by_attestation_type = 1; + + // Filters agents to those satisfying the selector match. + spire.api.types.SelectorMatch by_selector_match = 2; + + // Filters agents to those that are banned. + google.protobuf.BoolValue by_banned = 3; + + // Filters agents that can re-attest. + google.protobuf.BoolValue by_can_reattest = 4; + + // Filters agents by those expires before. + string by_expires_before = 5; + } + + // Filters the agents returned by the list operation. + Filter filter = 1; } message CountAgentsResponse { @@ -77,6 +103,12 @@ message ListAgentsRequest { // Filters agents to those that are banned. google.protobuf.BoolValue by_banned = 3; + + // Filters agents that can re-attest. + google.protobuf.BoolValue by_can_reattest = 4; + + // Filters agents by those expires before. + string by_expires_before = 5; } // Filters the agents returned by the list operation. @@ -145,6 +177,9 @@ message AttestAgentResponse { message Result { // The agent X509-SVID. spire.api.types.X509SVID svid = 1; + + // Whether or not the attested agent can reattest to renew its X509-SVID + bool reattestable = 2; } oneof step { @@ -187,3 +222,11 @@ message AgentX509SVIDParams { // ignored. The agent X509-SVID attributes are determined by the server. bytes csr = 1; } + +message PostStatusRequest { + // Required. Serial number of the bundle currently being served by the agent + uint64 current_bundle_serial = 1; +} + +message PostStatusResponse { +} diff --git a/proto/spire/api/server/agent/v1/agent_grpc.pb.go b/proto/spire/api/server/agent/v1/agent_grpc.pb.go index 52f8b01..72b962e 100644 --- a/proto/spire/api/server/agent/v1/agent_grpc.pb.go +++ b/proto/spire/api/server/agent/v1/agent_grpc.pb.go @@ -58,6 +58,12 @@ type AgentClient interface { // // The caller must be local or present an admin X509-SVID. CreateJoinToken(ctx context.Context, in *CreateJoinTokenRequest, opts ...grpc.CallOption) (*types.JoinToken, error) + // PostStatus post Agent status, informing what's the current + // bundle that is being used by the agent. + // + // The caller must present an active agent X509-SVID, i.e. the X509-SVID + // returned by the AttestAgent or the most recent RenewAgent call. + PostStatus(ctx context.Context, in *PostStatusRequest, opts ...grpc.CallOption) (*PostStatusResponse, error) } type agentClient struct { @@ -162,6 +168,15 @@ func (c *agentClient) CreateJoinToken(ctx context.Context, in *CreateJoinTokenRe return out, nil } +func (c *agentClient) PostStatus(ctx context.Context, in *PostStatusRequest, opts ...grpc.CallOption) (*PostStatusResponse, error) { + out := new(PostStatusResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.agent.v1.Agent/PostStatus", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // AgentServer is the server API for Agent service. // All implementations must embed UnimplementedAgentServer // for forward compatibility @@ -205,6 +220,12 @@ type AgentServer interface { // // The caller must be local or present an admin X509-SVID. CreateJoinToken(context.Context, *CreateJoinTokenRequest) (*types.JoinToken, error) + // PostStatus post Agent status, informing what's the current + // bundle that is being used by the agent. + // + // The caller must present an active agent X509-SVID, i.e. the X509-SVID + // returned by the AttestAgent or the most recent RenewAgent call. + PostStatus(context.Context, *PostStatusRequest) (*PostStatusResponse, error) mustEmbedUnimplementedAgentServer() } @@ -236,6 +257,9 @@ func (UnimplementedAgentServer) RenewAgent(context.Context, *RenewAgentRequest) func (UnimplementedAgentServer) CreateJoinToken(context.Context, *CreateJoinTokenRequest) (*types.JoinToken, error) { return nil, status.Errorf(codes.Unimplemented, "method CreateJoinToken not implemented") } +func (UnimplementedAgentServer) PostStatus(context.Context, *PostStatusRequest) (*PostStatusResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method PostStatus not implemented") +} func (UnimplementedAgentServer) mustEmbedUnimplementedAgentServer() {} // UnsafeAgentServer may be embedded to opt out of forward compatibility for this service. @@ -401,6 +425,24 @@ func _Agent_CreateJoinToken_Handler(srv interface{}, ctx context.Context, dec fu return interceptor(ctx, in, info, handler) } +func _Agent_PostStatus_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PostStatusRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AgentServer).PostStatus(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.agent.v1.Agent/PostStatus", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AgentServer).PostStatus(ctx, req.(*PostStatusRequest)) + } + return interceptor(ctx, in, info, handler) +} + var _Agent_serviceDesc = grpc.ServiceDesc{ ServiceName: "spire.api.server.agent.v1.Agent", HandlerType: (*AgentServer)(nil), @@ -433,6 +475,10 @@ var _Agent_serviceDesc = grpc.ServiceDesc{ MethodName: "CreateJoinToken", Handler: _Agent_CreateJoinToken_Handler, }, + { + MethodName: "PostStatus", + Handler: _Agent_PostStatus_Handler, + }, }, Streams: []grpc.StreamDesc{ { diff --git a/proto/spire/api/server/bundle/v1/bundle.pb.go b/proto/spire/api/server/bundle/v1/bundle.pb.go index 2d14278..513773f 100644 --- a/proto/spire/api/server/bundle/v1/bundle.pb.go +++ b/proto/spire/api/server/bundle/v1/bundle.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/server/bundle/v1/bundle.proto package bundlev1 diff --git a/proto/spire/api/server/debug/v1/debug.pb.go b/proto/spire/api/server/debug/v1/debug.pb.go index c719d7e..360d0fa 100644 --- a/proto/spire/api/server/debug/v1/debug.pb.go +++ b/proto/spire/api/server/debug/v1/debug.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/server/debug/v1/debug.proto package debugv1 diff --git a/proto/spire/api/server/entry/v1/entry.pb.go b/proto/spire/api/server/entry/v1/entry.pb.go index b148b78..967aa2f 100644 --- a/proto/spire/api/server/entry/v1/entry.pb.go +++ b/proto/spire/api/server/entry/v1/entry.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/server/entry/v1/entry.proto package entryv1 @@ -10,6 +10,7 @@ import ( types "github.com/spiffe/spire-api-sdk/proto/spire/api/types" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" + wrapperspb "google.golang.org/protobuf/types/known/wrapperspb" reflect "reflect" sync "sync" ) @@ -25,6 +26,9 @@ type CountEntriesRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields + + // Filters the entries returned in the response. + Filter *CountEntriesRequest_Filter `protobuf:"bytes,1,opt,name=filter,proto3" json:"filter,omitempty"` } func (x *CountEntriesRequest) Reset() { @@ -59,6 +63,13 @@ func (*CountEntriesRequest) Descriptor() ([]byte, []int) { return file_spire_api_server_entry_v1_entry_proto_rawDescGZIP(), []int{0} } +func (x *CountEntriesRequest) GetFilter() *CountEntriesRequest_Filter { + if x != nil { + return x.Filter + } + return nil +} + type CountEntriesResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -710,6 +721,93 @@ func (x *GetAuthorizedEntriesResponse) GetEntries() []*types.Entry { return nil } +type CountEntriesRequest_Filter struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + BySpiffeId *types.SPIFFEID `protobuf:"bytes,1,opt,name=by_spiffe_id,json=bySpiffeId,proto3" json:"by_spiffe_id,omitempty"` + ByParentId *types.SPIFFEID `protobuf:"bytes,2,opt,name=by_parent_id,json=byParentId,proto3" json:"by_parent_id,omitempty"` + BySelectors *types.SelectorMatch `protobuf:"bytes,3,opt,name=by_selectors,json=bySelectors,proto3" json:"by_selectors,omitempty"` + ByFederatesWith *types.FederatesWithMatch `protobuf:"bytes,4,opt,name=by_federates_with,json=byFederatesWith,proto3" json:"by_federates_with,omitempty"` + ByHint *wrapperspb.StringValue `protobuf:"bytes,5,opt,name=by_hint,json=byHint,proto3" json:"by_hint,omitempty"` + ByDownstream *wrapperspb.BoolValue `protobuf:"bytes,6,opt,name=by_downstream,json=byDownstream,proto3" json:"by_downstream,omitempty"` +} + +func (x *CountEntriesRequest_Filter) Reset() { + *x = CountEntriesRequest_Filter{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CountEntriesRequest_Filter) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CountEntriesRequest_Filter) ProtoMessage() {} + +func (x *CountEntriesRequest_Filter) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[13] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CountEntriesRequest_Filter.ProtoReflect.Descriptor instead. +func (*CountEntriesRequest_Filter) Descriptor() ([]byte, []int) { + return file_spire_api_server_entry_v1_entry_proto_rawDescGZIP(), []int{0, 0} +} + +func (x *CountEntriesRequest_Filter) GetBySpiffeId() *types.SPIFFEID { + if x != nil { + return x.BySpiffeId + } + return nil +} + +func (x *CountEntriesRequest_Filter) GetByParentId() *types.SPIFFEID { + if x != nil { + return x.ByParentId + } + return nil +} + +func (x *CountEntriesRequest_Filter) GetBySelectors() *types.SelectorMatch { + if x != nil { + return x.BySelectors + } + return nil +} + +func (x *CountEntriesRequest_Filter) GetByFederatesWith() *types.FederatesWithMatch { + if x != nil { + return x.ByFederatesWith + } + return nil +} + +func (x *CountEntriesRequest_Filter) GetByHint() *wrapperspb.StringValue { + if x != nil { + return x.ByHint + } + return nil +} + +func (x *CountEntriesRequest_Filter) GetByDownstream() *wrapperspb.BoolValue { + if x != nil { + return x.ByDownstream + } + return nil +} + type ListEntriesRequest_Filter struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -719,12 +817,14 @@ type ListEntriesRequest_Filter struct { ByParentId *types.SPIFFEID `protobuf:"bytes,2,opt,name=by_parent_id,json=byParentId,proto3" json:"by_parent_id,omitempty"` BySelectors *types.SelectorMatch `protobuf:"bytes,3,opt,name=by_selectors,json=bySelectors,proto3" json:"by_selectors,omitempty"` ByFederatesWith *types.FederatesWithMatch `protobuf:"bytes,4,opt,name=by_federates_with,json=byFederatesWith,proto3" json:"by_federates_with,omitempty"` + ByHint *wrapperspb.StringValue `protobuf:"bytes,5,opt,name=by_hint,json=byHint,proto3" json:"by_hint,omitempty"` + ByDownstream *wrapperspb.BoolValue `protobuf:"bytes,6,opt,name=by_downstream,json=byDownstream,proto3" json:"by_downstream,omitempty"` } func (x *ListEntriesRequest_Filter) Reset() { *x = ListEntriesRequest_Filter{} if protoimpl.UnsafeEnabled { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[13] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -737,7 +837,7 @@ func (x *ListEntriesRequest_Filter) String() string { func (*ListEntriesRequest_Filter) ProtoMessage() {} func (x *ListEntriesRequest_Filter) ProtoReflect() protoreflect.Message { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[13] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[14] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -781,6 +881,20 @@ func (x *ListEntriesRequest_Filter) GetByFederatesWith() *types.FederatesWithMat return nil } +func (x *ListEntriesRequest_Filter) GetByHint() *wrapperspb.StringValue { + if x != nil { + return x.ByHint + } + return nil +} + +func (x *ListEntriesRequest_Filter) GetByDownstream() *wrapperspb.BoolValue { + if x != nil { + return x.ByDownstream + } + return nil +} + type BatchCreateEntryResponse_Result struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -800,7 +914,7 @@ type BatchCreateEntryResponse_Result struct { func (x *BatchCreateEntryResponse_Result) Reset() { *x = BatchCreateEntryResponse_Result{} if protoimpl.UnsafeEnabled { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[14] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -813,7 +927,7 @@ func (x *BatchCreateEntryResponse_Result) String() string { func (*BatchCreateEntryResponse_Result) ProtoMessage() {} func (x *BatchCreateEntryResponse_Result) ProtoReflect() protoreflect.Message { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[14] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[15] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -859,7 +973,7 @@ type BatchUpdateEntryResponse_Result struct { func (x *BatchUpdateEntryResponse_Result) Reset() { *x = BatchUpdateEntryResponse_Result{} if protoimpl.UnsafeEnabled { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[15] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -872,7 +986,7 @@ func (x *BatchUpdateEntryResponse_Result) String() string { func (*BatchUpdateEntryResponse_Result) ProtoMessage() {} func (x *BatchUpdateEntryResponse_Result) ProtoReflect() protoreflect.Message { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[15] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[16] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -916,7 +1030,7 @@ type BatchDeleteEntryResponse_Result struct { func (x *BatchDeleteEntryResponse_Result) Reset() { *x = BatchDeleteEntryResponse_Result{} if protoimpl.UnsafeEnabled { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[16] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[17] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -929,7 +1043,7 @@ func (x *BatchDeleteEntryResponse_Result) String() string { func (*BatchDeleteEntryResponse_Result) ProtoMessage() {} func (x *BatchDeleteEntryResponse_Result) ProtoReflect() protoreflect.Message { - mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[16] + mi := &file_spire_api_server_entry_v1_entry_proto_msgTypes[17] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -976,186 +1090,226 @@ var file_spire_api_server_entry_v1_entry_proto_rawDesc = []byte{ 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x22, 0x15, 0x0a, 0x13, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, - 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x2c, 0x0a, 0x14, 0x43, 0x6f, 0x75, - 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, - 0x52, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xf4, 0x03, 0x0a, 0x12, 0x4c, 0x69, 0x73, 0x74, - 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4c, - 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x34, - 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, - 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, - 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x46, 0x69, - 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x0b, - 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, - 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, - 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x67, - 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, 0x61, - 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, - 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, - 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x1a, 0x96, 0x02, 0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, - 0x12, 0x3b, 0x0a, 0x0c, 0x62, 0x79, 0x5f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x5f, 0x69, 0x64, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, - 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x49, - 0x44, 0x52, 0x0a, 0x62, 0x79, 0x53, 0x70, 0x69, 0x66, 0x66, 0x65, 0x49, 0x64, 0x12, 0x3b, 0x0a, - 0x0c, 0x62, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, - 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, 0x0a, - 0x62, 0x79, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x41, 0x0a, 0x0c, 0x62, 0x79, - 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, - 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, - 0x52, 0x0b, 0x62, 0x79, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x4f, 0x0a, - 0x11, 0x62, 0x79, 0x5f, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x5f, 0x77, 0x69, - 0x74, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x46, 0x65, 0x64, 0x65, 0x72, - 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x0f, 0x62, - 0x79, 0x46, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x22, 0x6f, - 0x0a, 0x13, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x30, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, - 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, - 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, - 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, - 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, - 0x5e, 0x0a, 0x0f, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, - 0x69, 0x64, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, - 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, - 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, - 0x88, 0x01, 0x0a, 0x17, 0x42, 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, - 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x30, 0x0a, 0x07, 0x65, - 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, - 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, - 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x3b, 0x0a, + 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x22, 0xf5, 0x03, 0x0a, 0x13, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, + 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4d, 0x0a, 0x06, 0x66, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x73, 0x70, 0x69, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, + 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, + 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, + 0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x1a, 0x8e, 0x03, 0x0a, 0x06, 0x46, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x0c, 0x62, 0x79, 0x5f, 0x73, 0x70, 0x69, 0x66, 0x66, + 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, + 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, 0x0a, 0x62, 0x79, 0x53, 0x70, 0x69, 0x66, 0x66, 0x65, 0x49, + 0x64, 0x12, 0x3b, 0x0a, 0x0c, 0x62, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x69, + 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, + 0x49, 0x44, 0x52, 0x0a, 0x62, 0x79, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x41, + 0x0a, 0x0c, 0x62, 0x79, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x4d, + 0x61, 0x74, 0x63, 0x68, 0x52, 0x0b, 0x62, 0x79, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x73, 0x12, 0x4f, 0x0a, 0x11, 0x62, 0x79, 0x5f, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, + 0x73, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, + 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x46, + 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x4d, 0x61, 0x74, 0x63, + 0x68, 0x52, 0x0f, 0x62, 0x79, 0x46, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, + 0x74, 0x68, 0x12, 0x35, 0x0a, 0x07, 0x62, 0x79, 0x5f, 0x68, 0x69, 0x6e, 0x74, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, + 0x65, 0x52, 0x06, 0x62, 0x79, 0x48, 0x69, 0x6e, 0x74, 0x12, 0x3f, 0x0a, 0x0d, 0x62, 0x79, 0x5f, + 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, + 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0c, 0x62, 0x79, + 0x44, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x22, 0x2c, 0x0a, 0x14, 0x43, 0x6f, + 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x05, 0x52, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xec, 0x04, 0x0a, 0x12, 0x4c, 0x69, 0x73, + 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x4c, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x34, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, + 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x46, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, - 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0xd9, 0x01, 0x0a, 0x18, 0x42, - 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, - 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x54, 0x0a, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, - 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, - 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, - 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x52, 0x65, - 0x73, 0x75, 0x6c, 0x74, 0x52, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x1a, 0x67, 0x0a, - 0x06, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x2f, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, - 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x2c, 0x0a, 0x05, 0x65, 0x6e, 0x74, 0x72, - 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, - 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x22, 0xc3, 0x01, 0x0a, 0x17, 0x42, 0x61, 0x74, 0x63, 0x68, - 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x12, 0x30, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, - 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, - 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, - 0x72, 0x69, 0x65, 0x73, 0x12, 0x39, 0x0a, 0x0a, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, - 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, - 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x09, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x12, - 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, - 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, - 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0xd9, 0x01, 0x0a, - 0x18, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, - 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x54, 0x0a, 0x07, 0x72, 0x65, 0x73, - 0x75, 0x6c, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x73, 0x70, 0x69, - 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, - 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, 0x61, - 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, - 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x1a, - 0x67, 0x0a, 0x06, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x2f, 0x0a, 0x06, 0x73, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x73, 0x70, 0x69, 0x72, - 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x2c, 0x0a, 0x05, 0x65, 0x6e, - 0x74, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, - 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, - 0x79, 0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x22, 0x2b, 0x0a, 0x17, 0x42, 0x61, 0x74, 0x63, - 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, - 0x52, 0x03, 0x69, 0x64, 0x73, 0x22, 0xbb, 0x01, 0x0a, 0x18, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, - 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, + 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x70, + 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, + 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, + 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x1a, 0x8e, 0x03, 0x0a, 0x06, 0x46, 0x69, 0x6c, 0x74, 0x65, + 0x72, 0x12, 0x3b, 0x0a, 0x0c, 0x62, 0x79, 0x5f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x5f, 0x69, + 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, + 0x49, 0x44, 0x52, 0x0a, 0x62, 0x79, 0x53, 0x70, 0x69, 0x66, 0x66, 0x65, 0x49, 0x64, 0x12, 0x3b, + 0x0a, 0x0c, 0x62, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, + 0x0a, 0x62, 0x79, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x41, 0x0a, 0x0c, 0x62, + 0x79, 0x5f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, + 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x4d, 0x61, 0x74, 0x63, + 0x68, 0x52, 0x0b, 0x62, 0x79, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x4f, + 0x0a, 0x11, 0x62, 0x79, 0x5f, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x5f, 0x77, + 0x69, 0x74, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x69, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x46, 0x65, 0x64, 0x65, + 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x52, 0x0f, + 0x62, 0x79, 0x46, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x12, + 0x35, 0x0a, 0x07, 0x62, 0x79, 0x5f, 0x68, 0x69, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, + 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x06, + 0x62, 0x79, 0x48, 0x69, 0x6e, 0x74, 0x12, 0x3f, 0x0a, 0x0d, 0x62, 0x79, 0x5f, 0x64, 0x6f, 0x77, + 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, + 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, + 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0c, 0x62, 0x79, 0x44, 0x6f, 0x77, + 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x22, 0x6f, 0x0a, 0x13, 0x4c, 0x69, 0x73, 0x74, 0x45, + 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x30, + 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, + 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, + 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, + 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, + 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x5e, 0x0a, 0x0f, 0x47, 0x65, 0x74, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, + 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, + 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, + 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, + 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0x88, 0x01, 0x0a, 0x17, 0x42, 0x61, 0x74, + 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x30, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, + 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, + 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, + 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, + 0x61, 0x73, 0x6b, 0x22, 0xd9, 0x01, 0x0a, 0x18, 0x42, 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x54, 0x0a, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x3a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, + 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x07, 0x72, + 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x1a, 0x67, 0x0a, 0x06, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, + 0x12, 0x2f, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x17, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, + 0x65, 0x73, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x12, 0x2c, 0x0a, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, + 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x22, + 0xc3, 0x01, 0x0a, 0x17, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x30, 0x0a, 0x07, 0x65, + 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, + 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x39, 0x0a, + 0x0a, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, + 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x09, 0x69, + 0x6e, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, + 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, + 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, + 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, + 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0xd9, 0x01, 0x0a, 0x18, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x54, 0x0a, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, - 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, + 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, - 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x1a, 0x49, 0x0a, 0x06, 0x52, 0x65, 0x73, 0x75, + 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x1a, 0x67, 0x0a, 0x06, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x2f, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x02, 0x69, 0x64, 0x22, 0x5a, 0x0a, 0x1b, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, - 0x6b, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, - 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, - 0x50, 0x0a, 0x1c, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, - 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, - 0x30, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, - 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, - 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, - 0x73, 0x32, 0xb7, 0x06, 0x0a, 0x05, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x6f, 0x0a, 0x0c, 0x43, - 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x2e, 0x2e, 0x73, 0x70, - 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, - 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, - 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x73, 0x70, - 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, - 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, - 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x6c, 0x0a, 0x0b, - 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x2d, 0x2e, 0x73, 0x70, - 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, - 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x74, 0x72, - 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x73, 0x70, 0x69, - 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, - 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, - 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4e, 0x0a, 0x08, 0x47, 0x65, - 0x74, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x2a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, - 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, - 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, - 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x7b, 0x0a, 0x10, 0x42, 0x61, - 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x32, - 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, - 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, - 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x33, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, - 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, - 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x7b, 0x0a, 0x10, 0x42, 0x61, 0x74, 0x63, 0x68, - 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x32, 0x2e, 0x73, 0x70, - 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, - 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, - 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, - 0x33, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, - 0x68, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x7b, 0x0a, 0x10, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, - 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, - 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, - 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x33, 0x2e, 0x73, + 0x74, 0x75, 0x73, 0x12, 0x2c, 0x0a, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, + 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, + 0x79, 0x22, 0x2b, 0x0a, 0x17, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03, + 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x03, 0x69, 0x64, 0x73, 0x22, 0xbb, + 0x01, 0x0a, 0x18, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, + 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x54, 0x0a, 0x07, 0x72, + 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x12, 0x87, 0x01, 0x0a, 0x14, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, - 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x12, 0x36, 0x2e, 0x73, 0x70, 0x69, - 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, - 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x37, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, + 0x65, 0x2e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, + 0x73, 0x1a, 0x49, 0x0a, 0x06, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x2f, 0x0a, 0x06, 0x73, + 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x0e, 0x0a, 0x02, + 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x5a, 0x0a, 0x1b, + 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, + 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3b, 0x0a, 0x0b, 0x6f, + 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x1a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, + 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0a, 0x6f, 0x75, + 0x74, 0x70, 0x75, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x22, 0x50, 0x0a, 0x1c, 0x47, 0x65, 0x74, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x30, 0x0a, 0x07, 0x65, 0x6e, 0x74, 0x72, + 0x69, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x69, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, 0x74, 0x72, + 0x79, 0x52, 0x07, 0x65, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x32, 0xb7, 0x06, 0x0a, 0x05, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x12, 0x6f, 0x0a, 0x0c, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, + 0x72, 0x69, 0x65, 0x73, 0x12, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x6c, 0x0a, 0x0b, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x74, + 0x72, 0x69, 0x65, 0x73, 0x12, 0x2d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x2e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, + 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x4e, 0x0a, 0x08, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, + 0x2a, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x45, 0x6e, + 0x74, 0x72, 0x79, 0x12, 0x7b, 0x0a, 0x10, 0x42, 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x33, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, + 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x7b, 0x0a, 0x10, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, + 0x6e, 0x74, 0x72, 0x79, 0x12, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, + 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x33, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, + 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x7b, 0x0a, + 0x10, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, + 0x79, 0x12, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, + 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x33, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, + 0x31, 0x2e, 0x42, 0x61, 0x74, 0x63, 0x68, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6e, 0x74, + 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x87, 0x01, 0x0a, 0x14, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, 0x72, - 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x49, 0x5a, 0x47, 0x67, - 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, - 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2f, 0x76, 0x31, 0x3b, 0x65, - 0x6e, 0x74, 0x72, 0x79, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x69, 0x65, 0x73, 0x12, 0x36, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, + 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, + 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x37, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x65, + 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x64, 0x45, 0x6e, 0x74, 0x72, 0x69, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x49, 0x5a, 0x47, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, + 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, + 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x65, + 0x6e, 0x74, 0x72, 0x79, 0x2f, 0x76, 0x31, 0x3b, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x76, 0x31, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1170,7 +1324,7 @@ func file_spire_api_server_entry_v1_entry_proto_rawDescGZIP() []byte { return file_spire_api_server_entry_v1_entry_proto_rawDescData } -var file_spire_api_server_entry_v1_entry_proto_msgTypes = make([]protoimpl.MessageInfo, 17) +var file_spire_api_server_entry_v1_entry_proto_msgTypes = make([]protoimpl.MessageInfo, 18) var file_spire_api_server_entry_v1_entry_proto_goTypes = []interface{}{ (*CountEntriesRequest)(nil), // 0: spire.api.server.entry.v1.CountEntriesRequest (*CountEntriesResponse)(nil), // 1: spire.api.server.entry.v1.CountEntriesResponse @@ -1185,60 +1339,72 @@ var file_spire_api_server_entry_v1_entry_proto_goTypes = []interface{}{ (*BatchDeleteEntryResponse)(nil), // 10: spire.api.server.entry.v1.BatchDeleteEntryResponse (*GetAuthorizedEntriesRequest)(nil), // 11: spire.api.server.entry.v1.GetAuthorizedEntriesRequest (*GetAuthorizedEntriesResponse)(nil), // 12: spire.api.server.entry.v1.GetAuthorizedEntriesResponse - (*ListEntriesRequest_Filter)(nil), // 13: spire.api.server.entry.v1.ListEntriesRequest.Filter - (*BatchCreateEntryResponse_Result)(nil), // 14: spire.api.server.entry.v1.BatchCreateEntryResponse.Result - (*BatchUpdateEntryResponse_Result)(nil), // 15: spire.api.server.entry.v1.BatchUpdateEntryResponse.Result - (*BatchDeleteEntryResponse_Result)(nil), // 16: spire.api.server.entry.v1.BatchDeleteEntryResponse.Result - (*types.EntryMask)(nil), // 17: spire.api.types.EntryMask - (*types.Entry)(nil), // 18: spire.api.types.Entry - (*types.SPIFFEID)(nil), // 19: spire.api.types.SPIFFEID - (*types.SelectorMatch)(nil), // 20: spire.api.types.SelectorMatch - (*types.FederatesWithMatch)(nil), // 21: spire.api.types.FederatesWithMatch - (*types.Status)(nil), // 22: spire.api.types.Status + (*CountEntriesRequest_Filter)(nil), // 13: spire.api.server.entry.v1.CountEntriesRequest.Filter + (*ListEntriesRequest_Filter)(nil), // 14: spire.api.server.entry.v1.ListEntriesRequest.Filter + (*BatchCreateEntryResponse_Result)(nil), // 15: spire.api.server.entry.v1.BatchCreateEntryResponse.Result + (*BatchUpdateEntryResponse_Result)(nil), // 16: spire.api.server.entry.v1.BatchUpdateEntryResponse.Result + (*BatchDeleteEntryResponse_Result)(nil), // 17: spire.api.server.entry.v1.BatchDeleteEntryResponse.Result + (*types.EntryMask)(nil), // 18: spire.api.types.EntryMask + (*types.Entry)(nil), // 19: spire.api.types.Entry + (*types.SPIFFEID)(nil), // 20: spire.api.types.SPIFFEID + (*types.SelectorMatch)(nil), // 21: spire.api.types.SelectorMatch + (*types.FederatesWithMatch)(nil), // 22: spire.api.types.FederatesWithMatch + (*wrapperspb.StringValue)(nil), // 23: google.protobuf.StringValue + (*wrapperspb.BoolValue)(nil), // 24: google.protobuf.BoolValue + (*types.Status)(nil), // 25: spire.api.types.Status } var file_spire_api_server_entry_v1_entry_proto_depIdxs = []int32{ - 13, // 0: spire.api.server.entry.v1.ListEntriesRequest.filter:type_name -> spire.api.server.entry.v1.ListEntriesRequest.Filter - 17, // 1: spire.api.server.entry.v1.ListEntriesRequest.output_mask:type_name -> spire.api.types.EntryMask - 18, // 2: spire.api.server.entry.v1.ListEntriesResponse.entries:type_name -> spire.api.types.Entry - 17, // 3: spire.api.server.entry.v1.GetEntryRequest.output_mask:type_name -> spire.api.types.EntryMask - 18, // 4: spire.api.server.entry.v1.BatchCreateEntryRequest.entries:type_name -> spire.api.types.Entry - 17, // 5: spire.api.server.entry.v1.BatchCreateEntryRequest.output_mask:type_name -> spire.api.types.EntryMask - 14, // 6: spire.api.server.entry.v1.BatchCreateEntryResponse.results:type_name -> spire.api.server.entry.v1.BatchCreateEntryResponse.Result - 18, // 7: spire.api.server.entry.v1.BatchUpdateEntryRequest.entries:type_name -> spire.api.types.Entry - 17, // 8: spire.api.server.entry.v1.BatchUpdateEntryRequest.input_mask:type_name -> spire.api.types.EntryMask - 17, // 9: spire.api.server.entry.v1.BatchUpdateEntryRequest.output_mask:type_name -> spire.api.types.EntryMask - 15, // 10: spire.api.server.entry.v1.BatchUpdateEntryResponse.results:type_name -> spire.api.server.entry.v1.BatchUpdateEntryResponse.Result - 16, // 11: spire.api.server.entry.v1.BatchDeleteEntryResponse.results:type_name -> spire.api.server.entry.v1.BatchDeleteEntryResponse.Result - 17, // 12: spire.api.server.entry.v1.GetAuthorizedEntriesRequest.output_mask:type_name -> spire.api.types.EntryMask - 18, // 13: spire.api.server.entry.v1.GetAuthorizedEntriesResponse.entries:type_name -> spire.api.types.Entry - 19, // 14: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_spiffe_id:type_name -> spire.api.types.SPIFFEID - 19, // 15: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_parent_id:type_name -> spire.api.types.SPIFFEID - 20, // 16: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_selectors:type_name -> spire.api.types.SelectorMatch - 21, // 17: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_federates_with:type_name -> spire.api.types.FederatesWithMatch - 22, // 18: spire.api.server.entry.v1.BatchCreateEntryResponse.Result.status:type_name -> spire.api.types.Status - 18, // 19: spire.api.server.entry.v1.BatchCreateEntryResponse.Result.entry:type_name -> spire.api.types.Entry - 22, // 20: spire.api.server.entry.v1.BatchUpdateEntryResponse.Result.status:type_name -> spire.api.types.Status - 18, // 21: spire.api.server.entry.v1.BatchUpdateEntryResponse.Result.entry:type_name -> spire.api.types.Entry - 22, // 22: spire.api.server.entry.v1.BatchDeleteEntryResponse.Result.status:type_name -> spire.api.types.Status - 0, // 23: spire.api.server.entry.v1.Entry.CountEntries:input_type -> spire.api.server.entry.v1.CountEntriesRequest - 2, // 24: spire.api.server.entry.v1.Entry.ListEntries:input_type -> spire.api.server.entry.v1.ListEntriesRequest - 4, // 25: spire.api.server.entry.v1.Entry.GetEntry:input_type -> spire.api.server.entry.v1.GetEntryRequest - 5, // 26: spire.api.server.entry.v1.Entry.BatchCreateEntry:input_type -> spire.api.server.entry.v1.BatchCreateEntryRequest - 7, // 27: spire.api.server.entry.v1.Entry.BatchUpdateEntry:input_type -> spire.api.server.entry.v1.BatchUpdateEntryRequest - 9, // 28: spire.api.server.entry.v1.Entry.BatchDeleteEntry:input_type -> spire.api.server.entry.v1.BatchDeleteEntryRequest - 11, // 29: spire.api.server.entry.v1.Entry.GetAuthorizedEntries:input_type -> spire.api.server.entry.v1.GetAuthorizedEntriesRequest - 1, // 30: spire.api.server.entry.v1.Entry.CountEntries:output_type -> spire.api.server.entry.v1.CountEntriesResponse - 3, // 31: spire.api.server.entry.v1.Entry.ListEntries:output_type -> spire.api.server.entry.v1.ListEntriesResponse - 18, // 32: spire.api.server.entry.v1.Entry.GetEntry:output_type -> spire.api.types.Entry - 6, // 33: spire.api.server.entry.v1.Entry.BatchCreateEntry:output_type -> spire.api.server.entry.v1.BatchCreateEntryResponse - 8, // 34: spire.api.server.entry.v1.Entry.BatchUpdateEntry:output_type -> spire.api.server.entry.v1.BatchUpdateEntryResponse - 10, // 35: spire.api.server.entry.v1.Entry.BatchDeleteEntry:output_type -> spire.api.server.entry.v1.BatchDeleteEntryResponse - 12, // 36: spire.api.server.entry.v1.Entry.GetAuthorizedEntries:output_type -> spire.api.server.entry.v1.GetAuthorizedEntriesResponse - 30, // [30:37] is the sub-list for method output_type - 23, // [23:30] is the sub-list for method input_type - 23, // [23:23] is the sub-list for extension type_name - 23, // [23:23] is the sub-list for extension extendee - 0, // [0:23] is the sub-list for field type_name + 13, // 0: spire.api.server.entry.v1.CountEntriesRequest.filter:type_name -> spire.api.server.entry.v1.CountEntriesRequest.Filter + 14, // 1: spire.api.server.entry.v1.ListEntriesRequest.filter:type_name -> spire.api.server.entry.v1.ListEntriesRequest.Filter + 18, // 2: spire.api.server.entry.v1.ListEntriesRequest.output_mask:type_name -> spire.api.types.EntryMask + 19, // 3: spire.api.server.entry.v1.ListEntriesResponse.entries:type_name -> spire.api.types.Entry + 18, // 4: spire.api.server.entry.v1.GetEntryRequest.output_mask:type_name -> spire.api.types.EntryMask + 19, // 5: spire.api.server.entry.v1.BatchCreateEntryRequest.entries:type_name -> spire.api.types.Entry + 18, // 6: spire.api.server.entry.v1.BatchCreateEntryRequest.output_mask:type_name -> spire.api.types.EntryMask + 15, // 7: spire.api.server.entry.v1.BatchCreateEntryResponse.results:type_name -> spire.api.server.entry.v1.BatchCreateEntryResponse.Result + 19, // 8: spire.api.server.entry.v1.BatchUpdateEntryRequest.entries:type_name -> spire.api.types.Entry + 18, // 9: spire.api.server.entry.v1.BatchUpdateEntryRequest.input_mask:type_name -> spire.api.types.EntryMask + 18, // 10: spire.api.server.entry.v1.BatchUpdateEntryRequest.output_mask:type_name -> spire.api.types.EntryMask + 16, // 11: spire.api.server.entry.v1.BatchUpdateEntryResponse.results:type_name -> spire.api.server.entry.v1.BatchUpdateEntryResponse.Result + 17, // 12: spire.api.server.entry.v1.BatchDeleteEntryResponse.results:type_name -> spire.api.server.entry.v1.BatchDeleteEntryResponse.Result + 18, // 13: spire.api.server.entry.v1.GetAuthorizedEntriesRequest.output_mask:type_name -> spire.api.types.EntryMask + 19, // 14: spire.api.server.entry.v1.GetAuthorizedEntriesResponse.entries:type_name -> spire.api.types.Entry + 20, // 15: spire.api.server.entry.v1.CountEntriesRequest.Filter.by_spiffe_id:type_name -> spire.api.types.SPIFFEID + 20, // 16: spire.api.server.entry.v1.CountEntriesRequest.Filter.by_parent_id:type_name -> spire.api.types.SPIFFEID + 21, // 17: spire.api.server.entry.v1.CountEntriesRequest.Filter.by_selectors:type_name -> spire.api.types.SelectorMatch + 22, // 18: spire.api.server.entry.v1.CountEntriesRequest.Filter.by_federates_with:type_name -> spire.api.types.FederatesWithMatch + 23, // 19: spire.api.server.entry.v1.CountEntriesRequest.Filter.by_hint:type_name -> google.protobuf.StringValue + 24, // 20: spire.api.server.entry.v1.CountEntriesRequest.Filter.by_downstream:type_name -> google.protobuf.BoolValue + 20, // 21: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_spiffe_id:type_name -> spire.api.types.SPIFFEID + 20, // 22: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_parent_id:type_name -> spire.api.types.SPIFFEID + 21, // 23: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_selectors:type_name -> spire.api.types.SelectorMatch + 22, // 24: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_federates_with:type_name -> spire.api.types.FederatesWithMatch + 23, // 25: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_hint:type_name -> google.protobuf.StringValue + 24, // 26: spire.api.server.entry.v1.ListEntriesRequest.Filter.by_downstream:type_name -> google.protobuf.BoolValue + 25, // 27: spire.api.server.entry.v1.BatchCreateEntryResponse.Result.status:type_name -> spire.api.types.Status + 19, // 28: spire.api.server.entry.v1.BatchCreateEntryResponse.Result.entry:type_name -> spire.api.types.Entry + 25, // 29: spire.api.server.entry.v1.BatchUpdateEntryResponse.Result.status:type_name -> spire.api.types.Status + 19, // 30: spire.api.server.entry.v1.BatchUpdateEntryResponse.Result.entry:type_name -> spire.api.types.Entry + 25, // 31: spire.api.server.entry.v1.BatchDeleteEntryResponse.Result.status:type_name -> spire.api.types.Status + 0, // 32: spire.api.server.entry.v1.Entry.CountEntries:input_type -> spire.api.server.entry.v1.CountEntriesRequest + 2, // 33: spire.api.server.entry.v1.Entry.ListEntries:input_type -> spire.api.server.entry.v1.ListEntriesRequest + 4, // 34: spire.api.server.entry.v1.Entry.GetEntry:input_type -> spire.api.server.entry.v1.GetEntryRequest + 5, // 35: spire.api.server.entry.v1.Entry.BatchCreateEntry:input_type -> spire.api.server.entry.v1.BatchCreateEntryRequest + 7, // 36: spire.api.server.entry.v1.Entry.BatchUpdateEntry:input_type -> spire.api.server.entry.v1.BatchUpdateEntryRequest + 9, // 37: spire.api.server.entry.v1.Entry.BatchDeleteEntry:input_type -> spire.api.server.entry.v1.BatchDeleteEntryRequest + 11, // 38: spire.api.server.entry.v1.Entry.GetAuthorizedEntries:input_type -> spire.api.server.entry.v1.GetAuthorizedEntriesRequest + 1, // 39: spire.api.server.entry.v1.Entry.CountEntries:output_type -> spire.api.server.entry.v1.CountEntriesResponse + 3, // 40: spire.api.server.entry.v1.Entry.ListEntries:output_type -> spire.api.server.entry.v1.ListEntriesResponse + 19, // 41: spire.api.server.entry.v1.Entry.GetEntry:output_type -> spire.api.types.Entry + 6, // 42: spire.api.server.entry.v1.Entry.BatchCreateEntry:output_type -> spire.api.server.entry.v1.BatchCreateEntryResponse + 8, // 43: spire.api.server.entry.v1.Entry.BatchUpdateEntry:output_type -> spire.api.server.entry.v1.BatchUpdateEntryResponse + 10, // 44: spire.api.server.entry.v1.Entry.BatchDeleteEntry:output_type -> spire.api.server.entry.v1.BatchDeleteEntryResponse + 12, // 45: spire.api.server.entry.v1.Entry.GetAuthorizedEntries:output_type -> spire.api.server.entry.v1.GetAuthorizedEntriesResponse + 39, // [39:46] is the sub-list for method output_type + 32, // [32:39] is the sub-list for method input_type + 32, // [32:32] is the sub-list for extension type_name + 32, // [32:32] is the sub-list for extension extendee + 0, // [0:32] is the sub-list for field type_name } func init() { file_spire_api_server_entry_v1_entry_proto_init() } @@ -1404,7 +1570,7 @@ func file_spire_api_server_entry_v1_entry_proto_init() { } } file_spire_api_server_entry_v1_entry_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ListEntriesRequest_Filter); i { + switch v := v.(*CountEntriesRequest_Filter); i { case 0: return &v.state case 1: @@ -1416,7 +1582,7 @@ func file_spire_api_server_entry_v1_entry_proto_init() { } } file_spire_api_server_entry_v1_entry_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*BatchCreateEntryResponse_Result); i { + switch v := v.(*ListEntriesRequest_Filter); i { case 0: return &v.state case 1: @@ -1428,7 +1594,7 @@ func file_spire_api_server_entry_v1_entry_proto_init() { } } file_spire_api_server_entry_v1_entry_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*BatchUpdateEntryResponse_Result); i { + switch v := v.(*BatchCreateEntryResponse_Result); i { case 0: return &v.state case 1: @@ -1440,6 +1606,18 @@ func file_spire_api_server_entry_v1_entry_proto_init() { } } file_spire_api_server_entry_v1_entry_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*BatchUpdateEntryResponse_Result); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_entry_v1_entry_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*BatchDeleteEntryResponse_Result); i { case 0: return &v.state @@ -1458,7 +1636,7 @@ func file_spire_api_server_entry_v1_entry_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_spire_api_server_entry_v1_entry_proto_rawDesc, NumEnums: 0, - NumMessages: 17, + NumMessages: 18, NumExtensions: 0, NumServices: 1, }, diff --git a/proto/spire/api/server/entry/v1/entry.proto b/proto/spire/api/server/entry/v1/entry.proto index 28fb498..971f29f 100644 --- a/proto/spire/api/server/entry/v1/entry.proto +++ b/proto/spire/api/server/entry/v1/entry.proto @@ -7,6 +7,7 @@ import "spire/api/types/federateswith.proto"; import "spire/api/types/selector.proto"; import "spire/api/types/spiffeid.proto"; import "spire/api/types/status.proto"; +import "google/protobuf/wrappers.proto"; // Manages registration entries stored by the SPIRE Server. service Entry { @@ -48,6 +49,18 @@ service Entry { } message CountEntriesRequest { + message Filter { + spire.api.types.SPIFFEID by_spiffe_id = 1; + spire.api.types.SPIFFEID by_parent_id = 2; + spire.api.types.SelectorMatch by_selectors = 3; + spire.api.types.FederatesWithMatch by_federates_with = 4; + google.protobuf.StringValue by_hint = 5; + google.protobuf.BoolValue by_downstream = 6; + } + + // Filters the entries returned in the response. + Filter filter = 1; + } message CountEntriesResponse { @@ -60,6 +73,8 @@ message ListEntriesRequest { spire.api.types.SPIFFEID by_parent_id = 2; spire.api.types.SelectorMatch by_selectors = 3; spire.api.types.FederatesWithMatch by_federates_with = 4; + google.protobuf.StringValue by_hint = 5; + google.protobuf.BoolValue by_downstream = 6; } // Filters the entries returned in the response. diff --git a/proto/spire/api/server/localauthority/v1/localauthority.pb.go b/proto/spire/api/server/localauthority/v1/localauthority.pb.go new file mode 100644 index 0000000..0da7aba --- /dev/null +++ b/proto/spire/api/server/localauthority/v1/localauthority.pb.go @@ -0,0 +1,1653 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.28.0 +// protoc v3.20.1 +// source: spire/api/server/localauthority/v1/localauthority.proto + +package localauthorityv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type GetJWTAuthorityStateRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *GetJWTAuthorityStateRequest) Reset() { + *x = GetJWTAuthorityStateRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GetJWTAuthorityStateRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetJWTAuthorityStateRequest) ProtoMessage() {} + +func (x *GetJWTAuthorityStateRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetJWTAuthorityStateRequest.ProtoReflect.Descriptor instead. +func (*GetJWTAuthorityStateRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{0} +} + +type GetJWTAuthorityStateResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Authority currently being used for signing operations. + Active *AuthorityState `protobuf:"bytes,1,opt,name=active,proto3" json:"active,omitempty"` + // Authority added on bundle but is not used yet. + Prepared *AuthorityState `protobuf:"bytes,2,opt,name=prepared,proto3" json:"prepared,omitempty"` + // Authority in that was previously used for signing operations, + // but it is not longer. + Old *AuthorityState `protobuf:"bytes,3,opt,name=old,proto3" json:"old,omitempty"` +} + +func (x *GetJWTAuthorityStateResponse) Reset() { + *x = GetJWTAuthorityStateResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GetJWTAuthorityStateResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetJWTAuthorityStateResponse) ProtoMessage() {} + +func (x *GetJWTAuthorityStateResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetJWTAuthorityStateResponse.ProtoReflect.Descriptor instead. +func (*GetJWTAuthorityStateResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{1} +} + +func (x *GetJWTAuthorityStateResponse) GetActive() *AuthorityState { + if x != nil { + return x.Active + } + return nil +} + +func (x *GetJWTAuthorityStateResponse) GetPrepared() *AuthorityState { + if x != nil { + return x.Prepared + } + return nil +} + +func (x *GetJWTAuthorityStateResponse) GetOld() *AuthorityState { + if x != nil { + return x.Old + } + return nil +} + +type PrepareJWTAuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *PrepareJWTAuthorityRequest) Reset() { + *x = PrepareJWTAuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PrepareJWTAuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PrepareJWTAuthorityRequest) ProtoMessage() {} + +func (x *PrepareJWTAuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PrepareJWTAuthorityRequest.ProtoReflect.Descriptor instead. +func (*PrepareJWTAuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{2} +} + +type PrepareJWTAuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + PreparedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=prepared_authority,json=preparedAuthority,proto3" json:"prepared_authority,omitempty"` +} + +func (x *PrepareJWTAuthorityResponse) Reset() { + *x = PrepareJWTAuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PrepareJWTAuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PrepareJWTAuthorityResponse) ProtoMessage() {} + +func (x *PrepareJWTAuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PrepareJWTAuthorityResponse.ProtoReflect.Descriptor instead. +func (*PrepareJWTAuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{3} +} + +func (x *PrepareJWTAuthorityResponse) GetPreparedAuthority() *AuthorityState { + if x != nil { + return x.PreparedAuthority + } + return nil +} + +type ActivateJWTAuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional. The authority ID of the local authority JWT authority to activate. + // This is the JWT Key ID. + // By default, the prepared local JWT authority is used. + AuthorityId string `protobuf:"bytes,1,opt,name=authority_id,json=authorityId,proto3" json:"authority_id,omitempty"` +} + +func (x *ActivateJWTAuthorityRequest) Reset() { + *x = ActivateJWTAuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ActivateJWTAuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ActivateJWTAuthorityRequest) ProtoMessage() {} + +func (x *ActivateJWTAuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ActivateJWTAuthorityRequest.ProtoReflect.Descriptor instead. +func (*ActivateJWTAuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{4} +} + +func (x *ActivateJWTAuthorityRequest) GetAuthorityId() string { + if x != nil { + return x.AuthorityId + } + return "" +} + +type ActivateJWTAuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ActivatedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=activated_authority,json=activatedAuthority,proto3" json:"activated_authority,omitempty"` +} + +func (x *ActivateJWTAuthorityResponse) Reset() { + *x = ActivateJWTAuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ActivateJWTAuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ActivateJWTAuthorityResponse) ProtoMessage() {} + +func (x *ActivateJWTAuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ActivateJWTAuthorityResponse.ProtoReflect.Descriptor instead. +func (*ActivateJWTAuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{5} +} + +func (x *ActivateJWTAuthorityResponse) GetActivatedAuthority() *AuthorityState { + if x != nil { + return x.ActivatedAuthority + } + return nil +} + +type TaintJWTAuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional. The authority ID of the local authority JWT authority to taint. + // This is the JWT Key ID. + // By default, the old local JWT authority is used. + AuthorityId string `protobuf:"bytes,1,opt,name=authority_id,json=authorityId,proto3" json:"authority_id,omitempty"` +} + +func (x *TaintJWTAuthorityRequest) Reset() { + *x = TaintJWTAuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *TaintJWTAuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*TaintJWTAuthorityRequest) ProtoMessage() {} + +func (x *TaintJWTAuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use TaintJWTAuthorityRequest.ProtoReflect.Descriptor instead. +func (*TaintJWTAuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{6} +} + +func (x *TaintJWTAuthorityRequest) GetAuthorityId() string { + if x != nil { + return x.AuthorityId + } + return "" +} + +type TaintJWTAuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + TaintedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=tainted_authority,json=taintedAuthority,proto3" json:"tainted_authority,omitempty"` +} + +func (x *TaintJWTAuthorityResponse) Reset() { + *x = TaintJWTAuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *TaintJWTAuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*TaintJWTAuthorityResponse) ProtoMessage() {} + +func (x *TaintJWTAuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use TaintJWTAuthorityResponse.ProtoReflect.Descriptor instead. +func (*TaintJWTAuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{7} +} + +func (x *TaintJWTAuthorityResponse) GetTaintedAuthority() *AuthorityState { + if x != nil { + return x.TaintedAuthority + } + return nil +} + +type RevokeJWTAuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional. The authority ID of the local authority JWT authority to revoke. + // This is the JWT Key ID. + // By default, the old local JWT authority is used. + AuthorityId string `protobuf:"bytes,1,opt,name=authority_id,json=authorityId,proto3" json:"authority_id,omitempty"` +} + +func (x *RevokeJWTAuthorityRequest) Reset() { + *x = RevokeJWTAuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RevokeJWTAuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeJWTAuthorityRequest) ProtoMessage() {} + +func (x *RevokeJWTAuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeJWTAuthorityRequest.ProtoReflect.Descriptor instead. +func (*RevokeJWTAuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{8} +} + +func (x *RevokeJWTAuthorityRequest) GetAuthorityId() string { + if x != nil { + return x.AuthorityId + } + return "" +} + +type RevokeJWTAuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + RevokedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=revoked_authority,json=revokedAuthority,proto3" json:"revoked_authority,omitempty"` +} + +func (x *RevokeJWTAuthorityResponse) Reset() { + *x = RevokeJWTAuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RevokeJWTAuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeJWTAuthorityResponse) ProtoMessage() {} + +func (x *RevokeJWTAuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[9] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeJWTAuthorityResponse.ProtoReflect.Descriptor instead. +func (*RevokeJWTAuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{9} +} + +func (x *RevokeJWTAuthorityResponse) GetRevokedAuthority() *AuthorityState { + if x != nil { + return x.RevokedAuthority + } + return nil +} + +type GetX509AuthorityStateRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *GetX509AuthorityStateRequest) Reset() { + *x = GetX509AuthorityStateRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GetX509AuthorityStateRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetX509AuthorityStateRequest) ProtoMessage() {} + +func (x *GetX509AuthorityStateRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[10] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetX509AuthorityStateRequest.ProtoReflect.Descriptor instead. +func (*GetX509AuthorityStateRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{10} +} + +type GetX509AuthorityStateResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Authority currently being used for signing operations. + Active *AuthorityState `protobuf:"bytes,1,opt,name=active,proto3" json:"active,omitempty"` + // Authority added on bundle but is not used yet. + Prepared *AuthorityState `protobuf:"bytes,2,opt,name=prepared,proto3" json:"prepared,omitempty"` + // Authority in that was previously used for signing operations, + // but it is not longer. + Old *AuthorityState `protobuf:"bytes,3,opt,name=old,proto3" json:"old,omitempty"` +} + +func (x *GetX509AuthorityStateResponse) Reset() { + *x = GetX509AuthorityStateResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GetX509AuthorityStateResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetX509AuthorityStateResponse) ProtoMessage() {} + +func (x *GetX509AuthorityStateResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[11] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetX509AuthorityStateResponse.ProtoReflect.Descriptor instead. +func (*GetX509AuthorityStateResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{11} +} + +func (x *GetX509AuthorityStateResponse) GetActive() *AuthorityState { + if x != nil { + return x.Active + } + return nil +} + +func (x *GetX509AuthorityStateResponse) GetPrepared() *AuthorityState { + if x != nil { + return x.Prepared + } + return nil +} + +func (x *GetX509AuthorityStateResponse) GetOld() *AuthorityState { + if x != nil { + return x.Old + } + return nil +} + +type PrepareX509AuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *PrepareX509AuthorityRequest) Reset() { + *x = PrepareX509AuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PrepareX509AuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PrepareX509AuthorityRequest) ProtoMessage() {} + +func (x *PrepareX509AuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[12] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PrepareX509AuthorityRequest.ProtoReflect.Descriptor instead. +func (*PrepareX509AuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{12} +} + +type PrepareX509AuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + PreparedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=prepared_authority,json=preparedAuthority,proto3" json:"prepared_authority,omitempty"` +} + +func (x *PrepareX509AuthorityResponse) Reset() { + *x = PrepareX509AuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PrepareX509AuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PrepareX509AuthorityResponse) ProtoMessage() {} + +func (x *PrepareX509AuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[13] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PrepareX509AuthorityResponse.ProtoReflect.Descriptor instead. +func (*PrepareX509AuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{13} +} + +func (x *PrepareX509AuthorityResponse) GetPreparedAuthority() *AuthorityState { + if x != nil { + return x.PreparedAuthority + } + return nil +} + +type ActivateX509AuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional. The authority ID of the local X.509 authority to activate. + // This is the X.509 Subject Key Identifier (or SKID) of the + // authority's CA certificate, which is calculated by doing a + // SHA-1 hash over the ASN.1 encoding of the public key. + // By default, the prepared local X.509 authority is used. + AuthorityId string `protobuf:"bytes,1,opt,name=authority_id,json=authorityId,proto3" json:"authority_id,omitempty"` +} + +func (x *ActivateX509AuthorityRequest) Reset() { + *x = ActivateX509AuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ActivateX509AuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ActivateX509AuthorityRequest) ProtoMessage() {} + +func (x *ActivateX509AuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[14] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ActivateX509AuthorityRequest.ProtoReflect.Descriptor instead. +func (*ActivateX509AuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{14} +} + +func (x *ActivateX509AuthorityRequest) GetAuthorityId() string { + if x != nil { + return x.AuthorityId + } + return "" +} + +type ActivateX509AuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ActivatedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=activated_authority,json=activatedAuthority,proto3" json:"activated_authority,omitempty"` +} + +func (x *ActivateX509AuthorityResponse) Reset() { + *x = ActivateX509AuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ActivateX509AuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ActivateX509AuthorityResponse) ProtoMessage() {} + +func (x *ActivateX509AuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[15] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ActivateX509AuthorityResponse.ProtoReflect.Descriptor instead. +func (*ActivateX509AuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{15} +} + +func (x *ActivateX509AuthorityResponse) GetActivatedAuthority() *AuthorityState { + if x != nil { + return x.ActivatedAuthority + } + return nil +} + +type TaintX509AuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional. The authority ID of the local X.509 authority to taint. + // This is the X.509 Subject Key Identifier (or SKID) of the + // authority's CA certificate, which is calculated by doing a + // SHA-1 hash over the ASN.1 encoding of the public key. + // By default, the old local X.509 authority is used. + AuthorityId string `protobuf:"bytes,1,opt,name=authority_id,json=authorityId,proto3" json:"authority_id,omitempty"` +} + +func (x *TaintX509AuthorityRequest) Reset() { + *x = TaintX509AuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[16] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *TaintX509AuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*TaintX509AuthorityRequest) ProtoMessage() {} + +func (x *TaintX509AuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[16] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use TaintX509AuthorityRequest.ProtoReflect.Descriptor instead. +func (*TaintX509AuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{16} +} + +func (x *TaintX509AuthorityRequest) GetAuthorityId() string { + if x != nil { + return x.AuthorityId + } + return "" +} + +type TaintX509AuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + TaintedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=tainted_authority,json=taintedAuthority,proto3" json:"tainted_authority,omitempty"` +} + +func (x *TaintX509AuthorityResponse) Reset() { + *x = TaintX509AuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *TaintX509AuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*TaintX509AuthorityResponse) ProtoMessage() {} + +func (x *TaintX509AuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[17] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use TaintX509AuthorityResponse.ProtoReflect.Descriptor instead. +func (*TaintX509AuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{17} +} + +func (x *TaintX509AuthorityResponse) GetTaintedAuthority() *AuthorityState { + if x != nil { + return x.TaintedAuthority + } + return nil +} + +type RevokeX509AuthorityRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional. The authority ID of the local X.509 authority to revoke. + // This is the X.509 Subject Key Identifier (or SKID) of the + // authority's CA certificate, which is calculated by doing a + // SHA-1 hash over the ASN.1 encoding of the public key. + // By default, the old local X.509 authority is used. + AuthorityId string `protobuf:"bytes,1,opt,name=authority_id,json=authorityId,proto3" json:"authority_id,omitempty"` +} + +func (x *RevokeX509AuthorityRequest) Reset() { + *x = RevokeX509AuthorityRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[18] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RevokeX509AuthorityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeX509AuthorityRequest) ProtoMessage() {} + +func (x *RevokeX509AuthorityRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[18] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeX509AuthorityRequest.ProtoReflect.Descriptor instead. +func (*RevokeX509AuthorityRequest) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{18} +} + +func (x *RevokeX509AuthorityRequest) GetAuthorityId() string { + if x != nil { + return x.AuthorityId + } + return "" +} + +type RevokeX509AuthorityResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + RevokedAuthority *AuthorityState `protobuf:"bytes,1,opt,name=revoked_authority,json=revokedAuthority,proto3" json:"revoked_authority,omitempty"` +} + +func (x *RevokeX509AuthorityResponse) Reset() { + *x = RevokeX509AuthorityResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[19] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RevokeX509AuthorityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeX509AuthorityResponse) ProtoMessage() {} + +func (x *RevokeX509AuthorityResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[19] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeX509AuthorityResponse.ProtoReflect.Descriptor instead. +func (*RevokeX509AuthorityResponse) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{19} +} + +func (x *RevokeX509AuthorityResponse) GetRevokedAuthority() *AuthorityState { + if x != nil { + return x.RevokedAuthority + } + return nil +} + +type AuthorityState struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The authority ID. + AuthorityId string `protobuf:"bytes,1,opt,name=authority_id,json=authorityId,proto3" json:"authority_id,omitempty"` + // Expiration timestamp (seconds since Unix epoch). + ExpiresAt int64 `protobuf:"varint,2,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` +} + +func (x *AuthorityState) Reset() { + *x = AuthorityState{} + if protoimpl.UnsafeEnabled { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[20] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *AuthorityState) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuthorityState) ProtoMessage() {} + +func (x *AuthorityState) ProtoReflect() protoreflect.Message { + mi := &file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[20] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuthorityState.ProtoReflect.Descriptor instead. +func (*AuthorityState) Descriptor() ([]byte, []int) { + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP(), []int{20} +} + +func (x *AuthorityState) GetAuthorityId() string { + if x != nil { + return x.AuthorityId + } + return "" +} + +func (x *AuthorityState) GetExpiresAt() int64 { + if x != nil { + return x.ExpiresAt + } + return 0 +} + +var File_spire_api_server_localauthority_v1_localauthority_proto protoreflect.FileDescriptor + +var file_spire_api_server_localauthority_v1_localauthority_proto_rawDesc = []byte{ + 0x0a, 0x37, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x2f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, + 0x79, 0x2f, 0x76, 0x31, 0x2f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x22, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, + 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x22, 0x1d, 0x0a, + 0x1b, 0x47, 0x65, 0x74, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x80, 0x02, 0x0a, + 0x1c, 0x47, 0x65, 0x74, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4a, 0x0a, + 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, + 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, + 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, + 0x65, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x4e, 0x0a, 0x08, 0x70, 0x72, 0x65, + 0x70, 0x61, 0x72, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, + 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, + 0x08, 0x70, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x64, 0x12, 0x44, 0x0a, 0x03, 0x6f, 0x6c, 0x64, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x03, 0x6f, 0x6c, 0x64, 0x22, + 0x1c, 0x0a, 0x1a, 0x50, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x80, 0x01, + 0x0a, 0x1b, 0x50, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x61, 0x0a, + 0x12, 0x70, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, + 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x11, 0x70, + 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x64, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x22, 0x40, 0x0a, 0x1b, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4a, 0x57, 0x54, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x21, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x69, 0x64, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x49, 0x64, 0x22, 0x83, 0x01, 0x0a, 0x1c, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4a, + 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x63, 0x0a, 0x13, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x64, + 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, + 0x74, 0x61, 0x74, 0x65, 0x52, 0x12, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x64, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x22, 0x3d, 0x0a, 0x18, 0x54, 0x61, 0x69, 0x6e, + 0x74, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, + 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x49, 0x64, 0x22, 0x7c, 0x0a, 0x19, 0x54, 0x61, 0x69, 0x6e, 0x74, + 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5f, 0x0a, 0x11, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x5f, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, + 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, + 0x61, 0x74, 0x65, 0x52, 0x10, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x22, 0x3e, 0x0a, 0x19, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x4a, + 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x49, 0x64, 0x22, 0x7d, 0x0a, 0x1a, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x4a, + 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x5f, 0x0a, 0x11, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x5f, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, + 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, + 0x74, 0x65, 0x52, 0x10, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x74, 0x79, 0x22, 0x1e, 0x0a, 0x1c, 0x47, 0x65, 0x74, 0x58, 0x35, 0x30, 0x39, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x22, 0x81, 0x02, 0x0a, 0x1d, 0x47, 0x65, 0x74, 0x58, 0x35, 0x30, 0x39, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4a, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, + 0x76, 0x65, 0x12, 0x4e, 0x0a, 0x08, 0x70, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x64, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x08, 0x70, 0x72, 0x65, 0x70, 0x61, 0x72, + 0x65, 0x64, 0x12, 0x44, 0x0a, 0x03, 0x6f, 0x6c, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, + 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, + 0x61, 0x74, 0x65, 0x52, 0x03, 0x6f, 0x6c, 0x64, 0x22, 0x1d, 0x0a, 0x1b, 0x50, 0x72, 0x65, 0x70, + 0x61, 0x72, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x81, 0x01, 0x0a, 0x1c, 0x50, 0x72, 0x65, 0x70, + 0x61, 0x72, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x61, 0x0a, 0x12, 0x70, 0x72, 0x65, 0x70, + 0x61, 0x72, 0x65, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x11, 0x70, 0x72, 0x65, 0x70, 0x61, 0x72, + 0x65, 0x64, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x22, 0x41, 0x0a, 0x1c, 0x41, + 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x49, 0x64, 0x22, 0x84, + 0x01, 0x0a, 0x1d, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x63, 0x0a, 0x13, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, 0x2e, + 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, + 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, + 0x65, 0x52, 0x12, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x64, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x22, 0x3e, 0x0a, 0x19, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x58, 0x35, + 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x49, 0x64, 0x22, 0x7d, 0x0a, 0x1a, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x58, 0x35, + 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x5f, 0x0a, 0x11, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x5f, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x32, + 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, + 0x74, 0x65, 0x52, 0x10, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x74, 0x79, 0x22, 0x3f, 0x0a, 0x1a, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x58, 0x35, + 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x5f, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x49, 0x64, 0x22, 0x7e, 0x0a, 0x1b, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x58, + 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5f, 0x0a, 0x11, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x5f, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x32, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, + 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, + 0x61, 0x74, 0x65, 0x52, 0x10, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x22, 0x52, 0x0a, 0x0e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x74, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, + 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, + 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x32, 0x93, 0x0c, 0x0a, 0x0e, 0x4c, 0x6f, + 0x63, 0x61, 0x6c, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x99, 0x01, 0x0a, + 0x14, 0x47, 0x65, 0x74, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x3f, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4a, 0x57, + 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x40, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4a, + 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x96, 0x01, 0x0a, 0x13, 0x50, 0x72, 0x65, + 0x70, 0x61, 0x72, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x12, 0x3e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x4a, 0x57, 0x54, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x3f, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x4a, 0x57, 0x54, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x12, 0x99, 0x01, 0x0a, 0x14, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4a, 0x57, + 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3f, 0x2e, 0x73, 0x70, 0x69, + 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, + 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, + 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x40, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, + 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x90, 0x01, + 0x0a, 0x11, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x12, 0x3c, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, + 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x4a, 0x57, + 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x3d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x4a, 0x57, 0x54, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x93, 0x01, 0x0a, 0x12, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, + 0x6f, 0x6b, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x3e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, 0x6f, + 0x6b, 0x65, 0x4a, 0x57, 0x54, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x9c, 0x01, 0x0a, 0x15, 0x47, 0x65, 0x74, 0x58, 0x35, + 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, + 0x12, 0x40, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x1a, 0x41, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x58, 0x35, 0x30, 0x39, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x99, 0x01, 0x0a, 0x14, 0x50, 0x72, 0x65, 0x70, 0x61, 0x72, + 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3f, + 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x40, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, + 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, 0x65, 0x70, 0x61, 0x72, 0x65, 0x58, 0x35, 0x30, 0x39, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x12, 0x9c, 0x01, 0x0a, 0x15, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x58, 0x35, + 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x40, 0x2e, 0x73, 0x70, + 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, + 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, + 0x2e, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x41, 0x2e, + 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, + 0x76, 0x31, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x93, 0x01, 0x0a, 0x12, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3d, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x61, 0x69, + 0x6e, 0x74, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x3e, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x61, 0x69, 0x6e, + 0x74, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x96, 0x01, 0x0a, 0x13, 0x52, 0x65, 0x76, 0x6f, 0x6b, + 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3e, + 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x3f, + 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, + 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x58, 0x35, 0x30, 0x39, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, + 0x5b, 0x5a, 0x59, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, + 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, + 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, + 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x2f, 0x76, 0x31, 0x3b, 0x6c, 0x6f, 0x63, 0x61, + 0x6c, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_spire_api_server_localauthority_v1_localauthority_proto_rawDescOnce sync.Once + file_spire_api_server_localauthority_v1_localauthority_proto_rawDescData = file_spire_api_server_localauthority_v1_localauthority_proto_rawDesc +) + +func file_spire_api_server_localauthority_v1_localauthority_proto_rawDescGZIP() []byte { + file_spire_api_server_localauthority_v1_localauthority_proto_rawDescOnce.Do(func() { + file_spire_api_server_localauthority_v1_localauthority_proto_rawDescData = protoimpl.X.CompressGZIP(file_spire_api_server_localauthority_v1_localauthority_proto_rawDescData) + }) + return file_spire_api_server_localauthority_v1_localauthority_proto_rawDescData +} + +var file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes = make([]protoimpl.MessageInfo, 21) +var file_spire_api_server_localauthority_v1_localauthority_proto_goTypes = []interface{}{ + (*GetJWTAuthorityStateRequest)(nil), // 0: spire.api.server.localauthority.v1.GetJWTAuthorityStateRequest + (*GetJWTAuthorityStateResponse)(nil), // 1: spire.api.server.localauthority.v1.GetJWTAuthorityStateResponse + (*PrepareJWTAuthorityRequest)(nil), // 2: spire.api.server.localauthority.v1.PrepareJWTAuthorityRequest + (*PrepareJWTAuthorityResponse)(nil), // 3: spire.api.server.localauthority.v1.PrepareJWTAuthorityResponse + (*ActivateJWTAuthorityRequest)(nil), // 4: spire.api.server.localauthority.v1.ActivateJWTAuthorityRequest + (*ActivateJWTAuthorityResponse)(nil), // 5: spire.api.server.localauthority.v1.ActivateJWTAuthorityResponse + (*TaintJWTAuthorityRequest)(nil), // 6: spire.api.server.localauthority.v1.TaintJWTAuthorityRequest + (*TaintJWTAuthorityResponse)(nil), // 7: spire.api.server.localauthority.v1.TaintJWTAuthorityResponse + (*RevokeJWTAuthorityRequest)(nil), // 8: spire.api.server.localauthority.v1.RevokeJWTAuthorityRequest + (*RevokeJWTAuthorityResponse)(nil), // 9: spire.api.server.localauthority.v1.RevokeJWTAuthorityResponse + (*GetX509AuthorityStateRequest)(nil), // 10: spire.api.server.localauthority.v1.GetX509AuthorityStateRequest + (*GetX509AuthorityStateResponse)(nil), // 11: spire.api.server.localauthority.v1.GetX509AuthorityStateResponse + (*PrepareX509AuthorityRequest)(nil), // 12: spire.api.server.localauthority.v1.PrepareX509AuthorityRequest + (*PrepareX509AuthorityResponse)(nil), // 13: spire.api.server.localauthority.v1.PrepareX509AuthorityResponse + (*ActivateX509AuthorityRequest)(nil), // 14: spire.api.server.localauthority.v1.ActivateX509AuthorityRequest + (*ActivateX509AuthorityResponse)(nil), // 15: spire.api.server.localauthority.v1.ActivateX509AuthorityResponse + (*TaintX509AuthorityRequest)(nil), // 16: spire.api.server.localauthority.v1.TaintX509AuthorityRequest + (*TaintX509AuthorityResponse)(nil), // 17: spire.api.server.localauthority.v1.TaintX509AuthorityResponse + (*RevokeX509AuthorityRequest)(nil), // 18: spire.api.server.localauthority.v1.RevokeX509AuthorityRequest + (*RevokeX509AuthorityResponse)(nil), // 19: spire.api.server.localauthority.v1.RevokeX509AuthorityResponse + (*AuthorityState)(nil), // 20: spire.api.server.localauthority.v1.AuthorityState +} +var file_spire_api_server_localauthority_v1_localauthority_proto_depIdxs = []int32{ + 20, // 0: spire.api.server.localauthority.v1.GetJWTAuthorityStateResponse.active:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 1: spire.api.server.localauthority.v1.GetJWTAuthorityStateResponse.prepared:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 2: spire.api.server.localauthority.v1.GetJWTAuthorityStateResponse.old:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 3: spire.api.server.localauthority.v1.PrepareJWTAuthorityResponse.prepared_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 4: spire.api.server.localauthority.v1.ActivateJWTAuthorityResponse.activated_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 5: spire.api.server.localauthority.v1.TaintJWTAuthorityResponse.tainted_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 6: spire.api.server.localauthority.v1.RevokeJWTAuthorityResponse.revoked_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 7: spire.api.server.localauthority.v1.GetX509AuthorityStateResponse.active:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 8: spire.api.server.localauthority.v1.GetX509AuthorityStateResponse.prepared:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 9: spire.api.server.localauthority.v1.GetX509AuthorityStateResponse.old:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 10: spire.api.server.localauthority.v1.PrepareX509AuthorityResponse.prepared_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 11: spire.api.server.localauthority.v1.ActivateX509AuthorityResponse.activated_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 12: spire.api.server.localauthority.v1.TaintX509AuthorityResponse.tainted_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 20, // 13: spire.api.server.localauthority.v1.RevokeX509AuthorityResponse.revoked_authority:type_name -> spire.api.server.localauthority.v1.AuthorityState + 0, // 14: spire.api.server.localauthority.v1.LocalAuthority.GetJWTAuthorityState:input_type -> spire.api.server.localauthority.v1.GetJWTAuthorityStateRequest + 2, // 15: spire.api.server.localauthority.v1.LocalAuthority.PrepareJWTAuthority:input_type -> spire.api.server.localauthority.v1.PrepareJWTAuthorityRequest + 4, // 16: spire.api.server.localauthority.v1.LocalAuthority.ActivateJWTAuthority:input_type -> spire.api.server.localauthority.v1.ActivateJWTAuthorityRequest + 6, // 17: spire.api.server.localauthority.v1.LocalAuthority.TaintJWTAuthority:input_type -> spire.api.server.localauthority.v1.TaintJWTAuthorityRequest + 8, // 18: spire.api.server.localauthority.v1.LocalAuthority.RevokeJWTAuthority:input_type -> spire.api.server.localauthority.v1.RevokeJWTAuthorityRequest + 10, // 19: spire.api.server.localauthority.v1.LocalAuthority.GetX509AuthorityState:input_type -> spire.api.server.localauthority.v1.GetX509AuthorityStateRequest + 12, // 20: spire.api.server.localauthority.v1.LocalAuthority.PrepareX509Authority:input_type -> spire.api.server.localauthority.v1.PrepareX509AuthorityRequest + 14, // 21: spire.api.server.localauthority.v1.LocalAuthority.ActivateX509Authority:input_type -> spire.api.server.localauthority.v1.ActivateX509AuthorityRequest + 16, // 22: spire.api.server.localauthority.v1.LocalAuthority.TaintX509Authority:input_type -> spire.api.server.localauthority.v1.TaintX509AuthorityRequest + 18, // 23: spire.api.server.localauthority.v1.LocalAuthority.RevokeX509Authority:input_type -> spire.api.server.localauthority.v1.RevokeX509AuthorityRequest + 1, // 24: spire.api.server.localauthority.v1.LocalAuthority.GetJWTAuthorityState:output_type -> spire.api.server.localauthority.v1.GetJWTAuthorityStateResponse + 3, // 25: spire.api.server.localauthority.v1.LocalAuthority.PrepareJWTAuthority:output_type -> spire.api.server.localauthority.v1.PrepareJWTAuthorityResponse + 5, // 26: spire.api.server.localauthority.v1.LocalAuthority.ActivateJWTAuthority:output_type -> spire.api.server.localauthority.v1.ActivateJWTAuthorityResponse + 7, // 27: spire.api.server.localauthority.v1.LocalAuthority.TaintJWTAuthority:output_type -> spire.api.server.localauthority.v1.TaintJWTAuthorityResponse + 9, // 28: spire.api.server.localauthority.v1.LocalAuthority.RevokeJWTAuthority:output_type -> spire.api.server.localauthority.v1.RevokeJWTAuthorityResponse + 11, // 29: spire.api.server.localauthority.v1.LocalAuthority.GetX509AuthorityState:output_type -> spire.api.server.localauthority.v1.GetX509AuthorityStateResponse + 13, // 30: spire.api.server.localauthority.v1.LocalAuthority.PrepareX509Authority:output_type -> spire.api.server.localauthority.v1.PrepareX509AuthorityResponse + 15, // 31: spire.api.server.localauthority.v1.LocalAuthority.ActivateX509Authority:output_type -> spire.api.server.localauthority.v1.ActivateX509AuthorityResponse + 17, // 32: spire.api.server.localauthority.v1.LocalAuthority.TaintX509Authority:output_type -> spire.api.server.localauthority.v1.TaintX509AuthorityResponse + 19, // 33: spire.api.server.localauthority.v1.LocalAuthority.RevokeX509Authority:output_type -> spire.api.server.localauthority.v1.RevokeX509AuthorityResponse + 24, // [24:34] is the sub-list for method output_type + 14, // [14:24] is the sub-list for method input_type + 14, // [14:14] is the sub-list for extension type_name + 14, // [14:14] is the sub-list for extension extendee + 0, // [0:14] is the sub-list for field type_name +} + +func init() { file_spire_api_server_localauthority_v1_localauthority_proto_init() } +func file_spire_api_server_localauthority_v1_localauthority_proto_init() { + if File_spire_api_server_localauthority_v1_localauthority_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GetJWTAuthorityStateRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GetJWTAuthorityStateResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PrepareJWTAuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PrepareJWTAuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ActivateJWTAuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ActivateJWTAuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*TaintJWTAuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*TaintJWTAuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RevokeJWTAuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RevokeJWTAuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GetX509AuthorityStateRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GetX509AuthorityStateResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PrepareX509AuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PrepareX509AuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ActivateX509AuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ActivateX509AuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*TaintX509AuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*TaintX509AuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RevokeX509AuthorityRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RevokeX509AuthorityResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*AuthorityState); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_spire_api_server_localauthority_v1_localauthority_proto_rawDesc, + NumEnums: 0, + NumMessages: 21, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_spire_api_server_localauthority_v1_localauthority_proto_goTypes, + DependencyIndexes: file_spire_api_server_localauthority_v1_localauthority_proto_depIdxs, + MessageInfos: file_spire_api_server_localauthority_v1_localauthority_proto_msgTypes, + }.Build() + File_spire_api_server_localauthority_v1_localauthority_proto = out.File + file_spire_api_server_localauthority_v1_localauthority_proto_rawDesc = nil + file_spire_api_server_localauthority_v1_localauthority_proto_goTypes = nil + file_spire_api_server_localauthority_v1_localauthority_proto_depIdxs = nil +} diff --git a/proto/spire/api/server/localauthority/v1/localauthority.proto b/proto/spire/api/server/localauthority/v1/localauthority.proto new file mode 100644 index 0000000..df29792 --- /dev/null +++ b/proto/spire/api/server/localauthority/v1/localauthority.proto @@ -0,0 +1,201 @@ +syntax = "proto3"; +package spire.api.server.localauthority.v1; +option go_package = "github.com/spiffe/spire-api-sdk/proto/spire/api/server/localauthority/v1;localauthorityv1"; + +// The LocalAuthority service provides a way to manage the signing keys (and +// related material) of the SPIRE Server exposing it. +service LocalAuthority { + // GetJWTAuthorityState returns the state of all locally configured + // JWT authorities. + rpc GetJWTAuthorityState(GetJWTAuthorityStateRequest) returns (GetJWTAuthorityStateResponse); + + // PrepareJWTAuthority prepares a new JWT authority for use by + // generating a new key and injecting it into the bundle. This action + // will propagate the new public key cluster-wide. + rpc PrepareJWTAuthority(PrepareJWTAuthorityRequest) returns (PrepareJWTAuthorityResponse); + + // ActivateJWTAuthority activates a prepared JWT authority for use, + // which will cause it to be used for all JWT signing operations + // serviced by this server going forward. If a new JWT authority has + // not already been prepared, a FailedPrecondition error will be returned. + rpc ActivateJWTAuthority(ActivateJWTAuthorityRequest) returns (ActivateJWTAuthorityResponse); + + // TaintJWTAuthority marks the previously active JWT authority as + // being tainted. SPIRE Agents observing an authority to be tainted + // will perform proactive rotations of any key material related to + // the tainted authority. The result of this action will be observed + // cluster-wide. + // It can receive the Authority ID of an old JWT authority. + // + // If a previously active JWT authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + rpc TaintJWTAuthority(TaintJWTAuthorityRequest) returns (TaintJWTAuthorityResponse); + + // RevokeJWTAuthority revokes the previously active JWT authority by + // removing it from the bundle and propagating this update throughout + // the cluster. + // It can receive the Authority ID of an old JWT authority. + // + // If a previously active JWT authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + rpc RevokeJWTAuthority(RevokeJWTAuthorityRequest) returns (RevokeJWTAuthorityResponse); + + // GetX509AuthorityState returns the state of all locally configured + // X.509 authorities. + rpc GetX509AuthorityState(GetX509AuthorityStateRequest) returns (GetX509AuthorityStateResponse); + + // PrepareX509Authority prepares a new X.509 authority for use by + // generating a new key and injecting the resulting CA certificate into + // the bundle. This action will propagate the new CA cluster-wide. + rpc PrepareX509Authority(PrepareX509AuthorityRequest) returns (PrepareX509AuthorityResponse); + + // ActivateX509Authority activates a prepared X.509 authority for use, + // which will cause it to be used for all X.509 signing operations + // serviced by this server going forward. If a new X.509 authority has + // not already been prepared, a FailedPrecondition error will be returned. + rpc ActivateX509Authority(ActivateX509AuthorityRequest) returns (ActivateX509AuthorityResponse); + + // TaintX509Authority marks the previously active X.509 authority as + // being tainted. SPIRE Agents observing an authority to be tainted + // will perform proactive rotations of any key material related to + // the tainted authority. The result of this action will be observed + // cluster-wide. + // It can receive the public key of an old X.509 authority. + // + // If a previously active X.509 authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + rpc TaintX509Authority(TaintX509AuthorityRequest) returns (TaintX509AuthorityResponse); + + // RevokeX509Authority revokes the previously active X.509 authority by + // removing it from the bundle and propagating this update throughout + // the cluster. + // It can receive the public key of an old X.509 authority. + // + // If a previously active X.509 authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + rpc RevokeX509Authority(RevokeX509AuthorityRequest) returns (RevokeX509AuthorityResponse); +} + +message GetJWTAuthorityStateRequest {} + +message GetJWTAuthorityStateResponse { + // Authority currently being used for signing operations. + AuthorityState active = 1; + + // Authority added on bundle but is not used yet. + AuthorityState prepared = 2; + + // Authority in that was previously used for signing operations, + // but it is not longer. + AuthorityState old = 3; +} + +message PrepareJWTAuthorityRequest {} + +message PrepareJWTAuthorityResponse { + AuthorityState prepared_authority = 1; +} + +message ActivateJWTAuthorityRequest { + // Optional. The authority ID of the local authority JWT authority to activate. + // This is the JWT Key ID. + // By default, the prepared local JWT authority is used. + string authority_id = 1; +} + +message ActivateJWTAuthorityResponse { + AuthorityState activated_authority = 1; +} + +message TaintJWTAuthorityRequest { + // Optional. The authority ID of the local authority JWT authority to taint. + // This is the JWT Key ID. + // By default, the old local JWT authority is used. + string authority_id = 1; +} + +message TaintJWTAuthorityResponse { + AuthorityState tainted_authority = 1; +} + +message RevokeJWTAuthorityRequest { + // Optional. The authority ID of the local authority JWT authority to revoke. + // This is the JWT Key ID. + // By default, the old local JWT authority is used. + string authority_id = 1; +} + +message RevokeJWTAuthorityResponse { + AuthorityState revoked_authority = 1; +} + +message GetX509AuthorityStateRequest {} + +message GetX509AuthorityStateResponse { + // Authority currently being used for signing operations. + AuthorityState active = 1; + + // Authority added on bundle but is not used yet. + AuthorityState prepared = 2; + + // Authority in that was previously used for signing operations, + // but it is not longer. + AuthorityState old = 3; +} + +message PrepareX509AuthorityRequest {} + +message PrepareX509AuthorityResponse { + AuthorityState prepared_authority = 1; +} + +message ActivateX509AuthorityRequest { + // Optional. The authority ID of the local X.509 authority to activate. + // This is the X.509 Subject Key Identifier (or SKID) of the + // authority's CA certificate, which is calculated by doing a + // SHA-1 hash over the ASN.1 encoding of the public key. + // By default, the prepared local X.509 authority is used. + string authority_id = 1; +} + +message ActivateX509AuthorityResponse { + AuthorityState activated_authority = 1; +} + +message TaintX509AuthorityRequest { + // Optional. The authority ID of the local X.509 authority to taint. + // This is the X.509 Subject Key Identifier (or SKID) of the + // authority's CA certificate, which is calculated by doing a + // SHA-1 hash over the ASN.1 encoding of the public key. + // By default, the old local X.509 authority is used. + string authority_id = 1; +} + +message TaintX509AuthorityResponse { + AuthorityState tainted_authority = 1; +} + +message RevokeX509AuthorityRequest { + // Optional. The authority ID of the local X.509 authority to revoke. + // This is the X.509 Subject Key Identifier (or SKID) of the + // authority's CA certificate, which is calculated by doing a + // SHA-1 hash over the ASN.1 encoding of the public key. + // By default, the old local X.509 authority is used. + string authority_id = 1; +} + +message RevokeX509AuthorityResponse { + AuthorityState revoked_authority = 1; +} + +message AuthorityState { + // The authority ID. + string authority_id = 1; + + // Expiration timestamp (seconds since Unix epoch). + int64 expires_at = 2; +} diff --git a/proto/spire/api/server/localauthority/v1/localauthority_grpc.pb.go b/proto/spire/api/server/localauthority/v1/localauthority_grpc.pb.go new file mode 100644 index 0000000..739ee0e --- /dev/null +++ b/proto/spire/api/server/localauthority/v1/localauthority_grpc.pb.go @@ -0,0 +1,529 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. + +package localauthorityv1 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +const _ = grpc.SupportPackageIsVersion7 + +// LocalAuthorityClient is the client API for LocalAuthority service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type LocalAuthorityClient interface { + // GetJWTAuthorityState returns the state of all locally configured + // JWT authorities. + GetJWTAuthorityState(ctx context.Context, in *GetJWTAuthorityStateRequest, opts ...grpc.CallOption) (*GetJWTAuthorityStateResponse, error) + // PrepareJWTAuthority prepares a new JWT authority for use by + // generating a new key and injecting it into the bundle. This action + // will propagate the new public key cluster-wide. + PrepareJWTAuthority(ctx context.Context, in *PrepareJWTAuthorityRequest, opts ...grpc.CallOption) (*PrepareJWTAuthorityResponse, error) + // ActivateJWTAuthority activates a prepared JWT authority for use, + // which will cause it to be used for all JWT signing operations + // serviced by this server going forward. If a new JWT authority has + // not already been prepared, a FailedPrecondition error will be returned. + ActivateJWTAuthority(ctx context.Context, in *ActivateJWTAuthorityRequest, opts ...grpc.CallOption) (*ActivateJWTAuthorityResponse, error) + // TaintJWTAuthority marks the previously active JWT authority as + // being tainted. SPIRE Agents observing an authority to be tainted + // will perform proactive rotations of any key material related to + // the tainted authority. The result of this action will be observed + // cluster-wide. + // It can receive the Authority ID of an old JWT authority. + // + // If a previously active JWT authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + TaintJWTAuthority(ctx context.Context, in *TaintJWTAuthorityRequest, opts ...grpc.CallOption) (*TaintJWTAuthorityResponse, error) + // RevokeJWTAuthority revokes the previously active JWT authority by + // removing it from the bundle and propagating this update throughout + // the cluster. + // It can receive the Authority ID of an old JWT authority. + // + // If a previously active JWT authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + RevokeJWTAuthority(ctx context.Context, in *RevokeJWTAuthorityRequest, opts ...grpc.CallOption) (*RevokeJWTAuthorityResponse, error) + // GetX509AuthorityState returns the state of all locally configured + // X.509 authorities. + GetX509AuthorityState(ctx context.Context, in *GetX509AuthorityStateRequest, opts ...grpc.CallOption) (*GetX509AuthorityStateResponse, error) + // PrepareX509Authority prepares a new X.509 authority for use by + // generating a new key and injecting the resulting CA certificate into + // the bundle. This action will propagate the new CA cluster-wide. + PrepareX509Authority(ctx context.Context, in *PrepareX509AuthorityRequest, opts ...grpc.CallOption) (*PrepareX509AuthorityResponse, error) + // ActivateX509Authority activates a prepared X.509 authority for use, + // which will cause it to be used for all X.509 signing operations + // serviced by this server going forward. If a new X.509 authority has + // not already been prepared, a FailedPrecondition error will be returned. + ActivateX509Authority(ctx context.Context, in *ActivateX509AuthorityRequest, opts ...grpc.CallOption) (*ActivateX509AuthorityResponse, error) + // TaintX509Authority marks the previously active X.509 authority as + // being tainted. SPIRE Agents observing an authority to be tainted + // will perform proactive rotations of any key material related to + // the tainted authority. The result of this action will be observed + // cluster-wide. + // It can receive the public key of an old X.509 authority. + // + // If a previously active X.509 authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + TaintX509Authority(ctx context.Context, in *TaintX509AuthorityRequest, opts ...grpc.CallOption) (*TaintX509AuthorityResponse, error) + // RevokeX509Authority revokes the previously active X.509 authority by + // removing it from the bundle and propagating this update throughout + // the cluster. + // It can receive the public key of an old X.509 authority. + // + // If a previously active X.509 authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + RevokeX509Authority(ctx context.Context, in *RevokeX509AuthorityRequest, opts ...grpc.CallOption) (*RevokeX509AuthorityResponse, error) +} + +type localAuthorityClient struct { + cc grpc.ClientConnInterface +} + +func NewLocalAuthorityClient(cc grpc.ClientConnInterface) LocalAuthorityClient { + return &localAuthorityClient{cc} +} + +func (c *localAuthorityClient) GetJWTAuthorityState(ctx context.Context, in *GetJWTAuthorityStateRequest, opts ...grpc.CallOption) (*GetJWTAuthorityStateResponse, error) { + out := new(GetJWTAuthorityStateResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/GetJWTAuthorityState", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) PrepareJWTAuthority(ctx context.Context, in *PrepareJWTAuthorityRequest, opts ...grpc.CallOption) (*PrepareJWTAuthorityResponse, error) { + out := new(PrepareJWTAuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/PrepareJWTAuthority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) ActivateJWTAuthority(ctx context.Context, in *ActivateJWTAuthorityRequest, opts ...grpc.CallOption) (*ActivateJWTAuthorityResponse, error) { + out := new(ActivateJWTAuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/ActivateJWTAuthority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) TaintJWTAuthority(ctx context.Context, in *TaintJWTAuthorityRequest, opts ...grpc.CallOption) (*TaintJWTAuthorityResponse, error) { + out := new(TaintJWTAuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/TaintJWTAuthority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) RevokeJWTAuthority(ctx context.Context, in *RevokeJWTAuthorityRequest, opts ...grpc.CallOption) (*RevokeJWTAuthorityResponse, error) { + out := new(RevokeJWTAuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/RevokeJWTAuthority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) GetX509AuthorityState(ctx context.Context, in *GetX509AuthorityStateRequest, opts ...grpc.CallOption) (*GetX509AuthorityStateResponse, error) { + out := new(GetX509AuthorityStateResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/GetX509AuthorityState", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) PrepareX509Authority(ctx context.Context, in *PrepareX509AuthorityRequest, opts ...grpc.CallOption) (*PrepareX509AuthorityResponse, error) { + out := new(PrepareX509AuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/PrepareX509Authority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) ActivateX509Authority(ctx context.Context, in *ActivateX509AuthorityRequest, opts ...grpc.CallOption) (*ActivateX509AuthorityResponse, error) { + out := new(ActivateX509AuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/ActivateX509Authority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) TaintX509Authority(ctx context.Context, in *TaintX509AuthorityRequest, opts ...grpc.CallOption) (*TaintX509AuthorityResponse, error) { + out := new(TaintX509AuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/TaintX509Authority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *localAuthorityClient) RevokeX509Authority(ctx context.Context, in *RevokeX509AuthorityRequest, opts ...grpc.CallOption) (*RevokeX509AuthorityResponse, error) { + out := new(RevokeX509AuthorityResponse) + err := c.cc.Invoke(ctx, "/spire.api.server.localauthority.v1.LocalAuthority/RevokeX509Authority", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// LocalAuthorityServer is the server API for LocalAuthority service. +// All implementations must embed UnimplementedLocalAuthorityServer +// for forward compatibility +type LocalAuthorityServer interface { + // GetJWTAuthorityState returns the state of all locally configured + // JWT authorities. + GetJWTAuthorityState(context.Context, *GetJWTAuthorityStateRequest) (*GetJWTAuthorityStateResponse, error) + // PrepareJWTAuthority prepares a new JWT authority for use by + // generating a new key and injecting it into the bundle. This action + // will propagate the new public key cluster-wide. + PrepareJWTAuthority(context.Context, *PrepareJWTAuthorityRequest) (*PrepareJWTAuthorityResponse, error) + // ActivateJWTAuthority activates a prepared JWT authority for use, + // which will cause it to be used for all JWT signing operations + // serviced by this server going forward. If a new JWT authority has + // not already been prepared, a FailedPrecondition error will be returned. + ActivateJWTAuthority(context.Context, *ActivateJWTAuthorityRequest) (*ActivateJWTAuthorityResponse, error) + // TaintJWTAuthority marks the previously active JWT authority as + // being tainted. SPIRE Agents observing an authority to be tainted + // will perform proactive rotations of any key material related to + // the tainted authority. The result of this action will be observed + // cluster-wide. + // It can receive the Authority ID of an old JWT authority. + // + // If a previously active JWT authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + TaintJWTAuthority(context.Context, *TaintJWTAuthorityRequest) (*TaintJWTAuthorityResponse, error) + // RevokeJWTAuthority revokes the previously active JWT authority by + // removing it from the bundle and propagating this update throughout + // the cluster. + // It can receive the Authority ID of an old JWT authority. + // + // If a previously active JWT authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + RevokeJWTAuthority(context.Context, *RevokeJWTAuthorityRequest) (*RevokeJWTAuthorityResponse, error) + // GetX509AuthorityState returns the state of all locally configured + // X.509 authorities. + GetX509AuthorityState(context.Context, *GetX509AuthorityStateRequest) (*GetX509AuthorityStateResponse, error) + // PrepareX509Authority prepares a new X.509 authority for use by + // generating a new key and injecting the resulting CA certificate into + // the bundle. This action will propagate the new CA cluster-wide. + PrepareX509Authority(context.Context, *PrepareX509AuthorityRequest) (*PrepareX509AuthorityResponse, error) + // ActivateX509Authority activates a prepared X.509 authority for use, + // which will cause it to be used for all X.509 signing operations + // serviced by this server going forward. If a new X.509 authority has + // not already been prepared, a FailedPrecondition error will be returned. + ActivateX509Authority(context.Context, *ActivateX509AuthorityRequest) (*ActivateX509AuthorityResponse, error) + // TaintX509Authority marks the previously active X.509 authority as + // being tainted. SPIRE Agents observing an authority to be tainted + // will perform proactive rotations of any key material related to + // the tainted authority. The result of this action will be observed + // cluster-wide. + // It can receive the public key of an old X.509 authority. + // + // If a previously active X.509 authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + TaintX509Authority(context.Context, *TaintX509AuthorityRequest) (*TaintX509AuthorityResponse, error) + // RevokeX509Authority revokes the previously active X.509 authority by + // removing it from the bundle and propagating this update throughout + // the cluster. + // It can receive the public key of an old X.509 authority. + // + // If a previously active X.509 authority does not exist (e.g. if one + // has been prepared but not activated yet), a FailedPrecondition + // error will be returned. + RevokeX509Authority(context.Context, *RevokeX509AuthorityRequest) (*RevokeX509AuthorityResponse, error) + mustEmbedUnimplementedLocalAuthorityServer() +} + +// UnimplementedLocalAuthorityServer must be embedded to have forward compatible implementations. +type UnimplementedLocalAuthorityServer struct { +} + +func (UnimplementedLocalAuthorityServer) GetJWTAuthorityState(context.Context, *GetJWTAuthorityStateRequest) (*GetJWTAuthorityStateResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetJWTAuthorityState not implemented") +} +func (UnimplementedLocalAuthorityServer) PrepareJWTAuthority(context.Context, *PrepareJWTAuthorityRequest) (*PrepareJWTAuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method PrepareJWTAuthority not implemented") +} +func (UnimplementedLocalAuthorityServer) ActivateJWTAuthority(context.Context, *ActivateJWTAuthorityRequest) (*ActivateJWTAuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ActivateJWTAuthority not implemented") +} +func (UnimplementedLocalAuthorityServer) TaintJWTAuthority(context.Context, *TaintJWTAuthorityRequest) (*TaintJWTAuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method TaintJWTAuthority not implemented") +} +func (UnimplementedLocalAuthorityServer) RevokeJWTAuthority(context.Context, *RevokeJWTAuthorityRequest) (*RevokeJWTAuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method RevokeJWTAuthority not implemented") +} +func (UnimplementedLocalAuthorityServer) GetX509AuthorityState(context.Context, *GetX509AuthorityStateRequest) (*GetX509AuthorityStateResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetX509AuthorityState not implemented") +} +func (UnimplementedLocalAuthorityServer) PrepareX509Authority(context.Context, *PrepareX509AuthorityRequest) (*PrepareX509AuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method PrepareX509Authority not implemented") +} +func (UnimplementedLocalAuthorityServer) ActivateX509Authority(context.Context, *ActivateX509AuthorityRequest) (*ActivateX509AuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ActivateX509Authority not implemented") +} +func (UnimplementedLocalAuthorityServer) TaintX509Authority(context.Context, *TaintX509AuthorityRequest) (*TaintX509AuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method TaintX509Authority not implemented") +} +func (UnimplementedLocalAuthorityServer) RevokeX509Authority(context.Context, *RevokeX509AuthorityRequest) (*RevokeX509AuthorityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method RevokeX509Authority not implemented") +} +func (UnimplementedLocalAuthorityServer) mustEmbedUnimplementedLocalAuthorityServer() {} + +// UnsafeLocalAuthorityServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to LocalAuthorityServer will +// result in compilation errors. +type UnsafeLocalAuthorityServer interface { + mustEmbedUnimplementedLocalAuthorityServer() +} + +func RegisterLocalAuthorityServer(s grpc.ServiceRegistrar, srv LocalAuthorityServer) { + s.RegisterService(&_LocalAuthority_serviceDesc, srv) +} + +func _LocalAuthority_GetJWTAuthorityState_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetJWTAuthorityStateRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).GetJWTAuthorityState(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/GetJWTAuthorityState", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).GetJWTAuthorityState(ctx, req.(*GetJWTAuthorityStateRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_PrepareJWTAuthority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PrepareJWTAuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).PrepareJWTAuthority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/PrepareJWTAuthority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).PrepareJWTAuthority(ctx, req.(*PrepareJWTAuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_ActivateJWTAuthority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ActivateJWTAuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).ActivateJWTAuthority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/ActivateJWTAuthority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).ActivateJWTAuthority(ctx, req.(*ActivateJWTAuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_TaintJWTAuthority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(TaintJWTAuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).TaintJWTAuthority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/TaintJWTAuthority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).TaintJWTAuthority(ctx, req.(*TaintJWTAuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_RevokeJWTAuthority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(RevokeJWTAuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).RevokeJWTAuthority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/RevokeJWTAuthority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).RevokeJWTAuthority(ctx, req.(*RevokeJWTAuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_GetX509AuthorityState_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetX509AuthorityStateRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).GetX509AuthorityState(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/GetX509AuthorityState", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).GetX509AuthorityState(ctx, req.(*GetX509AuthorityStateRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_PrepareX509Authority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(PrepareX509AuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).PrepareX509Authority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/PrepareX509Authority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).PrepareX509Authority(ctx, req.(*PrepareX509AuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_ActivateX509Authority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ActivateX509AuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).ActivateX509Authority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/ActivateX509Authority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).ActivateX509Authority(ctx, req.(*ActivateX509AuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_TaintX509Authority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(TaintX509AuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).TaintX509Authority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/TaintX509Authority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).TaintX509Authority(ctx, req.(*TaintX509AuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _LocalAuthority_RevokeX509Authority_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(RevokeX509AuthorityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(LocalAuthorityServer).RevokeX509Authority(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/spire.api.server.localauthority.v1.LocalAuthority/RevokeX509Authority", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(LocalAuthorityServer).RevokeX509Authority(ctx, req.(*RevokeX509AuthorityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +var _LocalAuthority_serviceDesc = grpc.ServiceDesc{ + ServiceName: "spire.api.server.localauthority.v1.LocalAuthority", + HandlerType: (*LocalAuthorityServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "GetJWTAuthorityState", + Handler: _LocalAuthority_GetJWTAuthorityState_Handler, + }, + { + MethodName: "PrepareJWTAuthority", + Handler: _LocalAuthority_PrepareJWTAuthority_Handler, + }, + { + MethodName: "ActivateJWTAuthority", + Handler: _LocalAuthority_ActivateJWTAuthority_Handler, + }, + { + MethodName: "TaintJWTAuthority", + Handler: _LocalAuthority_TaintJWTAuthority_Handler, + }, + { + MethodName: "RevokeJWTAuthority", + Handler: _LocalAuthority_RevokeJWTAuthority_Handler, + }, + { + MethodName: "GetX509AuthorityState", + Handler: _LocalAuthority_GetX509AuthorityState_Handler, + }, + { + MethodName: "PrepareX509Authority", + Handler: _LocalAuthority_PrepareX509Authority_Handler, + }, + { + MethodName: "ActivateX509Authority", + Handler: _LocalAuthority_ActivateX509Authority_Handler, + }, + { + MethodName: "TaintX509Authority", + Handler: _LocalAuthority_TaintX509Authority_Handler, + }, + { + MethodName: "RevokeX509Authority", + Handler: _LocalAuthority_RevokeX509Authority_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "spire/api/server/localauthority/v1/localauthority.proto", +} diff --git a/proto/spire/api/server/svid/v1/svid.pb.go b/proto/spire/api/server/svid/v1/svid.pb.go index 3019aff..47db3f4 100644 --- a/proto/spire/api/server/svid/v1/svid.pb.go +++ b/proto/spire/api/server/svid/v1/svid.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/server/svid/v1/svid.proto package svidv1 diff --git a/proto/spire/api/server/trustdomain/v1/trustdomain.pb.go b/proto/spire/api/server/trustdomain/v1/trustdomain.pb.go index ff1f106..62f4664 100644 --- a/proto/spire/api/server/trustdomain/v1/trustdomain.pb.go +++ b/proto/spire/api/server/trustdomain/v1/trustdomain.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/server/trustdomain/v1/trustdomain.proto package trustdomain diff --git a/proto/spire/api/types/agent.pb.go b/proto/spire/api/types/agent.pb.go index cf7b599..82b0641 100644 --- a/proto/spire/api/types/agent.pb.go +++ b/proto/spire/api/types/agent.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/agent.proto package types @@ -9,6 +9,7 @@ package types import ( protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" + _ "google.golang.org/protobuf/types/known/wrapperspb" reflect "reflect" sync "sync" ) @@ -37,6 +38,8 @@ type Agent struct { Selectors []*Selector `protobuf:"bytes,5,rep,name=selectors,proto3" json:"selectors,omitempty"` // Output only. Whether or not the agent is banned. Banned bool `protobuf:"varint,6,opt,name=banned,proto3" json:"banned,omitempty"` + // Output only. Whether or not the agent can re-attest. + CanReattest bool `protobuf:"varint,7,opt,name=can_reattest,json=canReattest,proto3" json:"can_reattest,omitempty"` } func (x *Agent) Reset() { @@ -113,6 +116,13 @@ func (x *Agent) GetBanned() bool { return false } +func (x *Agent) GetCanReattest() bool { + if x != nil { + return x.CanReattest + } + return false +} + type AgentMask struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -128,6 +138,8 @@ type AgentMask struct { Selectors bool `protobuf:"varint,5,opt,name=selectors,proto3" json:"selectors,omitempty"` // banned field mask Banned bool `protobuf:"varint,6,opt,name=banned,proto3" json:"banned,omitempty"` + // can_reattest field mask + CanReattest bool `protobuf:"varint,7,opt,name=can_reattest,json=canReattest,proto3" json:"can_reattest,omitempty"` } func (x *AgentMask) Reset() { @@ -197,6 +209,13 @@ func (x *AgentMask) GetBanned() bool { return false } +func (x *AgentMask) GetCanReattest() bool { + if x != nil { + return x.CanReattest + } + return false +} + var File_spire_api_types_agent_proto protoreflect.FileDescriptor var file_spire_api_types_agent_proto_rawDesc = []byte{ @@ -206,7 +225,9 @@ var file_spire_api_types_agent_proto_rawDesc = []byte{ 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, - 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x94, + 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, + 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, + 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb7, 0x02, 0x0a, 0x05, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x12, 0x29, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, 0x45, 0x49, 0x44, 0x52, @@ -224,24 +245,29 @@ var file_spire_api_types_agent_proto_rawDesc = []byte{ 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x62, - 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x22, 0xd2, 0x01, 0x0a, 0x09, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x4d, - 0x61, 0x73, 0x6b, 0x12, 0x29, 0x0a, 0x10, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x61, - 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x34, - 0x0a, 0x16, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x69, 0x61, - 0x6c, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, - 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, - 0x6d, 0x62, 0x65, 0x72, 0x12, 0x2e, 0x0a, 0x13, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, - 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, - 0x08, 0x52, 0x11, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x45, 0x78, 0x70, 0x69, 0x72, - 0x65, 0x73, 0x41, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, - 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, - 0x72, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x18, 0x06, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x06, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x42, 0x37, 0x5a, 0x35, 0x67, 0x69, - 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, - 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, - 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x61, 0x6e, 0x5f, 0x72, 0x65, 0x61, + 0x74, 0x74, 0x65, 0x73, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x63, 0x61, 0x6e, + 0x52, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x22, 0xf5, 0x01, 0x0a, 0x09, 0x41, 0x67, 0x65, + 0x6e, 0x74, 0x4d, 0x61, 0x73, 0x6b, 0x12, 0x29, 0x0a, 0x10, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x0f, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, + 0x65, 0x12, 0x34, 0x0a, 0x16, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x5f, 0x73, 0x65, + 0x72, 0x69, 0x61, 0x6c, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x08, 0x52, 0x14, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x53, 0x65, 0x72, 0x69, 0x61, + 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x2e, 0x0a, 0x13, 0x78, 0x35, 0x30, 0x39, 0x73, + 0x76, 0x69, 0x64, 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x78, 0x35, 0x30, 0x39, 0x73, 0x76, 0x69, 0x64, 0x45, 0x78, + 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, + 0x74, 0x6f, 0x72, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x65, 0x6c, 0x65, + 0x63, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x18, + 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x64, 0x12, 0x21, 0x0a, + 0x0c, 0x63, 0x61, 0x6e, 0x5f, 0x72, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x18, 0x07, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x0b, 0x63, 0x61, 0x6e, 0x52, 0x65, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, + 0x42, 0x37, 0x5a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, + 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, + 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, + 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x33, } var ( diff --git a/proto/spire/api/types/agent.proto b/proto/spire/api/types/agent.proto index c490bb9..5d96ef8 100644 --- a/proto/spire/api/types/agent.proto +++ b/proto/spire/api/types/agent.proto @@ -4,6 +4,7 @@ option go_package = "github.com/spiffe/spire-api-sdk/proto/spire/api/types"; import "spire/api/types/selector.proto"; import "spire/api/types/spiffeid.proto"; +import "google/protobuf/wrappers.proto"; message Agent { // Output only. SPIFFE ID of the agent. @@ -23,6 +24,9 @@ message Agent { // Output only. Whether or not the agent is banned. bool banned = 6; + + // Output only. Whether or not the agent can re-attest. + bool can_reattest = 7; } message AgentMask { @@ -40,4 +44,7 @@ message AgentMask { // banned field mask bool banned = 6; + + // can_reattest field mask + bool can_reattest = 7; } diff --git a/proto/spire/api/types/attestation.pb.go b/proto/spire/api/types/attestation.pb.go index 4683df1..a2eb73a 100644 --- a/proto/spire/api/types/attestation.pb.go +++ b/proto/spire/api/types/attestation.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/attestation.proto package types diff --git a/proto/spire/api/types/bundle.pb.go b/proto/spire/api/types/bundle.pb.go index 541638e..3a66a57 100644 --- a/proto/spire/api/types/bundle.pb.go +++ b/proto/spire/api/types/bundle.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/bundle.proto package types @@ -112,6 +112,8 @@ type X509Certificate struct { // The ASN.1 DER encoded bytes of the X.509 certificate. Asn1 []byte `protobuf:"bytes,1,opt,name=asn1,proto3" json:"asn1,omitempty"` + // This authority is no longer secure and must not be used. + Tainted bool `protobuf:"varint,2,opt,name=tainted,proto3" json:"tainted,omitempty"` } func (x *X509Certificate) Reset() { @@ -153,6 +155,13 @@ func (x *X509Certificate) GetAsn1() []byte { return nil } +func (x *X509Certificate) GetTainted() bool { + if x != nil { + return x.Tainted + } + return false +} + type JWTKey struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -165,6 +174,8 @@ type JWTKey struct { // When the key expires (seconds since Unix epoch). If zero, the key does // not expire. ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` + // This authority is no longer secure and must not be used + Tainted bool `protobuf:"varint,4,opt,name=tainted,proto3" json:"tainted,omitempty"` } func (x *JWTKey) Reset() { @@ -220,6 +231,13 @@ func (x *JWTKey) GetExpiresAt() int64 { return 0 } +func (x *JWTKey) GetTainted() bool { + if x != nil { + return x.Tainted + } + return false +} + type BundleMask struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -317,30 +335,34 @@ var file_spire_api_types_bundle_proto_rawDesc = []byte{ 0x28, 0x03, 0x52, 0x0b, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x48, 0x69, 0x6e, 0x74, 0x12, 0x27, 0x0a, 0x0f, 0x73, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0e, 0x73, 0x65, 0x71, 0x75, 0x65, 0x6e, - 0x63, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x22, 0x25, 0x0a, 0x0f, 0x58, 0x35, 0x30, 0x39, + 0x63, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x22, 0x3f, 0x0a, 0x0f, 0x58, 0x35, 0x30, 0x39, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x61, - 0x73, 0x6e, 0x31, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x61, 0x73, 0x6e, 0x31, 0x22, - 0x5d, 0x0a, 0x06, 0x4a, 0x57, 0x54, 0x4b, 0x65, 0x79, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x75, 0x62, - 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x70, - 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x15, 0x0a, 0x06, 0x6b, 0x65, 0x79, 0x5f, - 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, - 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x22, 0xac, - 0x01, 0x0a, 0x0a, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x4d, 0x61, 0x73, 0x6b, 0x12, 0x29, 0x0a, - 0x10, 0x78, 0x35, 0x30, 0x39, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, - 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x78, 0x35, 0x30, 0x39, 0x41, 0x75, 0x74, - 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x6a, 0x77, 0x74, 0x5f, - 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, - 0x08, 0x52, 0x0e, 0x6a, 0x77, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, - 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x68, 0x69, 0x6e, - 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, - 0x48, 0x69, 0x6e, 0x74, 0x12, 0x27, 0x0a, 0x0f, 0x73, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, - 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x73, - 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x42, 0x37, 0x5a, - 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, - 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, - 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, - 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x73, 0x6e, 0x31, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x61, 0x73, 0x6e, 0x31, 0x12, + 0x18, 0x0a, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x22, 0x77, 0x0a, 0x06, 0x4a, 0x57, 0x54, + 0x4b, 0x65, 0x79, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, + 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, + 0x65, 0x79, 0x12, 0x15, 0x0a, 0x06, 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, + 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, + 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x74, 0x61, 0x69, 0x6e, + 0x74, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, + 0x65, 0x64, 0x22, 0xac, 0x01, 0x0a, 0x0a, 0x42, 0x75, 0x6e, 0x64, 0x6c, 0x65, 0x4d, 0x61, 0x73, + 0x6b, 0x12, 0x29, 0x0a, 0x10, 0x78, 0x35, 0x30, 0x39, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x78, 0x35, 0x30, + 0x39, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x27, 0x0a, 0x0f, + 0x6a, 0x77, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x6a, 0x77, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, + 0x5f, 0x68, 0x69, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x72, 0x65, 0x66, + 0x72, 0x65, 0x73, 0x68, 0x48, 0x69, 0x6e, 0x74, 0x12, 0x27, 0x0a, 0x0f, 0x73, 0x65, 0x71, 0x75, + 0x65, 0x6e, 0x63, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, + 0x08, 0x52, 0x0e, 0x73, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, + 0x72, 0x42, 0x37, 0x5a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, + 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, + 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, + 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x33, } var ( diff --git a/proto/spire/api/types/bundle.proto b/proto/spire/api/types/bundle.proto index 435f339..d011ba6 100644 --- a/proto/spire/api/types/bundle.proto +++ b/proto/spire/api/types/bundle.proto @@ -23,6 +23,9 @@ message Bundle { message X509Certificate { // The ASN.1 DER encoded bytes of the X.509 certificate. bytes asn1 = 1; + + // This authority is no longer secure and must not be used. + bool tainted = 2; } message JWTKey { @@ -35,6 +38,9 @@ message JWTKey { // When the key expires (seconds since Unix epoch). If zero, the key does // not expire. int64 expires_at = 3; + + // This authority is no longer secure and must not be used + bool tainted = 4; } message BundleMask { diff --git a/proto/spire/api/types/entry.pb.go b/proto/spire/api/types/entry.pb.go index 383024a..8e826c2 100644 --- a/proto/spire/api/types/entry.pb.go +++ b/proto/spire/api/types/entry.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/entry.proto package types @@ -39,8 +39,9 @@ type Entry struct { // node attestation. Otherwise, these selectors represent those produced by // workload attestation. Selectors []*Selector `protobuf:"bytes,4,rep,name=selectors,proto3" json:"selectors,omitempty"` - // The time to live for identities issued for this entry (in seconds). - Ttl int32 `protobuf:"varint,5,opt,name=ttl,proto3" json:"ttl,omitempty"` + // The time to live for X509-SVID identities issued for this entry (in seconds). + // Previously called ttl + X509SvidTtl int32 `protobuf:"varint,5,opt,name=x509_svid_ttl,json=x509SvidTtl,proto3" json:"x509_svid_ttl,omitempty"` // The names of trust domains the identity described by this entry // federates with. FederatesWith []string `protobuf:"bytes,6,rep,name=federates_with,json=federatesWith,proto3" json:"federates_with,omitempty"` @@ -61,6 +62,13 @@ type Entry struct { RevisionNumber int64 `protobuf:"varint,11,opt,name=revision_number,json=revisionNumber,proto3" json:"revision_number,omitempty"` // Determines if the issued identity is exportable to a store StoreSvid bool `protobuf:"varint,12,opt,name=store_svid,json=storeSvid,proto3" json:"store_svid,omitempty"` + // The time to live for JWT-SVID identities issued for this entry (in seconds), overrides ttl if set. + JwtSvidTtl int32 `protobuf:"varint,13,opt,name=jwt_svid_ttl,json=jwtSvidTtl,proto3" json:"jwt_svid_ttl,omitempty"` + // An operator-specified string used to provide guidance on how this + // identity should be used by a workload when more than one SVID is returned. + Hint string `protobuf:"bytes,14,opt,name=hint,proto3" json:"hint,omitempty"` + // When the entry was created (seconds since Unix epoch). + CreatedAt int64 `protobuf:"varint,15,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` } func (x *Entry) Reset() { @@ -123,9 +131,9 @@ func (x *Entry) GetSelectors() []*Selector { return nil } -func (x *Entry) GetTtl() int32 { +func (x *Entry) GetX509SvidTtl() int32 { if x != nil { - return x.Ttl + return x.X509SvidTtl } return 0 } @@ -179,6 +187,27 @@ func (x *Entry) GetStoreSvid() bool { return false } +func (x *Entry) GetJwtSvidTtl() int32 { + if x != nil { + return x.JwtSvidTtl + } + return 0 +} + +func (x *Entry) GetHint() string { + if x != nil { + return x.Hint + } + return "" +} + +func (x *Entry) GetCreatedAt() int64 { + if x != nil { + return x.CreatedAt + } + return 0 +} + // Field mask for Entry fields type EntryMask struct { state protoimpl.MessageState @@ -191,8 +220,8 @@ type EntryMask struct { ParentId bool `protobuf:"varint,3,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` // selectors field mask Selectors bool `protobuf:"varint,4,opt,name=selectors,proto3" json:"selectors,omitempty"` - // ttl field mask - Ttl bool `protobuf:"varint,5,opt,name=ttl,proto3" json:"ttl,omitempty"` + // x509_svid_ttl field mask + X509SvidTtl bool `protobuf:"varint,5,opt,name=x509_svid_ttl,json=x509SvidTtl,proto3" json:"x509_svid_ttl,omitempty"` // federates_with field mask FederatesWith bool `protobuf:"varint,6,opt,name=federates_with,json=federatesWith,proto3" json:"federates_with,omitempty"` // admin field mask @@ -207,6 +236,12 @@ type EntryMask struct { RevisionNumber bool `protobuf:"varint,11,opt,name=revision_number,json=revisionNumber,proto3" json:"revision_number,omitempty"` // store_svid field mask StoreSvid bool `protobuf:"varint,12,opt,name=store_svid,json=storeSvid,proto3" json:"store_svid,omitempty"` + // jwt_svid_ttl field mask + JwtSvidTtl bool `protobuf:"varint,13,opt,name=jwt_svid_ttl,json=jwtSvidTtl,proto3" json:"jwt_svid_ttl,omitempty"` + // hint field mask + Hint bool `protobuf:"varint,14,opt,name=hint,proto3" json:"hint,omitempty"` + // created_at field mask + CreatedAt bool `protobuf:"varint,15,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` } func (x *EntryMask) Reset() { @@ -262,9 +297,9 @@ func (x *EntryMask) GetSelectors() bool { return false } -func (x *EntryMask) GetTtl() bool { +func (x *EntryMask) GetX509SvidTtl() bool { if x != nil { - return x.Ttl + return x.X509SvidTtl } return false } @@ -318,6 +353,27 @@ func (x *EntryMask) GetStoreSvid() bool { return false } +func (x *EntryMask) GetJwtSvidTtl() bool { + if x != nil { + return x.JwtSvidTtl + } + return false +} + +func (x *EntryMask) GetHint() bool { + if x != nil { + return x.Hint + } + return false +} + +func (x *EntryMask) GetCreatedAt() bool { + if x != nil { + return x.CreatedAt + } + return false +} + var File_spire_api_types_entry_proto protoreflect.FileDescriptor var file_spire_api_types_entry_proto_rawDesc = []byte{ @@ -327,8 +383,8 @@ var file_spire_api_types_entry_proto_rawDesc = []byte{ 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, - 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb3, - 0x03, 0x0a, 0x05, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, + 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x9a, + 0x04, 0x0a, 0x05, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x36, 0x0a, 0x09, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, @@ -340,47 +396,60 @@ var file_spire_api_types_entry_proto_rawDesc = []byte{ 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, - 0x73, 0x12, 0x10, 0x0a, 0x03, 0x74, 0x74, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, - 0x74, 0x74, 0x6c, 0x12, 0x25, 0x0a, 0x0e, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, - 0x5f, 0x77, 0x69, 0x74, 0x68, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x66, 0x65, 0x64, - 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x12, 0x14, 0x0a, 0x05, 0x61, 0x64, - 0x6d, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x61, 0x64, 0x6d, 0x69, 0x6e, - 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x08, - 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, - 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x09, - 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, - 0x1b, 0x0a, 0x09, 0x64, 0x6e, 0x73, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x03, - 0x28, 0x09, 0x52, 0x08, 0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x27, 0x0a, 0x0f, - 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, - 0x0b, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x4e, - 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x5f, 0x73, - 0x76, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x74, 0x6f, 0x72, 0x65, - 0x53, 0x76, 0x69, 0x64, 0x22, 0xd6, 0x02, 0x0a, 0x09, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, - 0x73, 0x6b, 0x12, 0x1b, 0x0a, 0x09, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x5f, 0x69, 0x64, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x49, 0x64, 0x12, - 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x08, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09, - 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, - 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x74, 0x74, - 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x03, 0x74, 0x74, 0x6c, 0x12, 0x25, 0x0a, 0x0e, - 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x18, 0x06, - 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, - 0x69, 0x74, 0x68, 0x12, 0x14, 0x0a, 0x05, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x05, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x6f, 0x77, - 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x64, - 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, - 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x65, - 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x64, 0x6e, 0x73, 0x5f, - 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x64, 0x6e, 0x73, - 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, - 0x6e, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, - 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x1d, - 0x0a, 0x0a, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x5f, 0x73, 0x76, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x09, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x53, 0x76, 0x69, 0x64, 0x42, 0x37, 0x5a, - 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, - 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, - 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, - 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x73, 0x12, 0x22, 0x0a, 0x0d, 0x78, 0x35, 0x30, 0x39, 0x5f, 0x73, 0x76, 0x69, 0x64, 0x5f, 0x74, + 0x74, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0b, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, + 0x69, 0x64, 0x54, 0x74, 0x6c, 0x12, 0x25, 0x0a, 0x0e, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, + 0x65, 0x73, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x66, + 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x12, 0x14, 0x0a, 0x05, + 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x61, 0x64, 0x6d, + 0x69, 0x6e, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, + 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, + 0x61, 0x6d, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, + 0x18, 0x09, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, + 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x64, 0x6e, 0x73, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x0a, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x08, 0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x27, + 0x0a, 0x0f, 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, + 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x74, 0x6f, 0x72, 0x65, + 0x5f, 0x73, 0x76, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x74, 0x6f, + 0x72, 0x65, 0x53, 0x76, 0x69, 0x64, 0x12, 0x20, 0x0a, 0x0c, 0x6a, 0x77, 0x74, 0x5f, 0x73, 0x76, + 0x69, 0x64, 0x5f, 0x74, 0x74, 0x6c, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x6a, 0x77, + 0x74, 0x53, 0x76, 0x69, 0x64, 0x54, 0x74, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x69, 0x6e, 0x74, + 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x69, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, + 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x03, + 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x22, 0xbd, 0x03, 0x0a, 0x09, + 0x45, 0x6e, 0x74, 0x72, 0x79, 0x4d, 0x61, 0x73, 0x6b, 0x12, 0x1b, 0x0a, 0x09, 0x73, 0x70, 0x69, + 0x66, 0x66, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x73, 0x70, + 0x69, 0x66, 0x66, 0x65, 0x49, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, + 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x70, 0x61, 0x72, 0x65, 0x6e, + 0x74, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x73, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x73, 0x12, 0x22, 0x0a, 0x0d, 0x78, 0x35, 0x30, 0x39, 0x5f, 0x73, 0x76, 0x69, 0x64, 0x5f, 0x74, + 0x74, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x78, 0x35, 0x30, 0x39, 0x53, 0x76, + 0x69, 0x64, 0x54, 0x74, 0x6c, 0x12, 0x25, 0x0a, 0x0e, 0x66, 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, + 0x65, 0x73, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x66, + 0x65, 0x64, 0x65, 0x72, 0x61, 0x74, 0x65, 0x73, 0x57, 0x69, 0x74, 0x68, 0x12, 0x14, 0x0a, 0x05, + 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x61, 0x64, 0x6d, + 0x69, 0x6e, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, + 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x64, 0x6f, 0x77, 0x6e, 0x73, 0x74, 0x72, 0x65, + 0x61, 0x6d, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, + 0x18, 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, + 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x64, 0x6e, 0x73, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x0a, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x27, + 0x0a, 0x0f, 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, + 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x72, 0x65, 0x76, 0x69, 0x73, 0x69, 0x6f, + 0x6e, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x74, 0x6f, 0x72, 0x65, + 0x5f, 0x73, 0x76, 0x69, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x74, 0x6f, + 0x72, 0x65, 0x53, 0x76, 0x69, 0x64, 0x12, 0x20, 0x0a, 0x0c, 0x6a, 0x77, 0x74, 0x5f, 0x73, 0x76, + 0x69, 0x64, 0x5f, 0x74, 0x74, 0x6c, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x6a, 0x77, + 0x74, 0x53, 0x76, 0x69, 0x64, 0x54, 0x74, 0x6c, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x69, 0x6e, 0x74, + 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x68, 0x69, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, + 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x42, 0x37, 0x5a, 0x35, 0x67, + 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, + 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, + 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/proto/spire/api/types/entry.proto b/proto/spire/api/types/entry.proto index 49fa467..96591ce 100644 --- a/proto/spire/api/types/entry.proto +++ b/proto/spire/api/types/entry.proto @@ -24,8 +24,9 @@ message Entry { // workload attestation. repeated spire.api.types.Selector selectors = 4; - // The time to live for identities issued for this entry (in seconds). - int32 ttl = 5; + // The time to live for X509-SVID identities issued for this entry (in seconds). + // Previously called ttl + int32 x509_svid_ttl = 5; // The names of trust domains the identity described by this entry // federates with. @@ -53,6 +54,16 @@ message Entry { // Determines if the issued identity is exportable to a store bool store_svid = 12; + + // The time to live for JWT-SVID identities issued for this entry (in seconds), overrides ttl if set. + int32 jwt_svid_ttl = 13; + + // An operator-specified string used to provide guidance on how this + // identity should be used by a workload when more than one SVID is returned. + string hint = 14; + + // When the entry was created (seconds since Unix epoch). + int64 created_at = 15; } // Field mask for Entry fields @@ -66,8 +77,8 @@ message EntryMask { // selectors field mask bool selectors = 4; - // ttl field mask - bool ttl = 5; + // x509_svid_ttl field mask + bool x509_svid_ttl = 5; // federates_with field mask bool federates_with = 6; @@ -89,4 +100,13 @@ message EntryMask { // store_svid field mask bool store_svid = 12; + + // jwt_svid_ttl field mask + bool jwt_svid_ttl = 13; + + // hint field mask + bool hint = 14; + + // created_at field mask + bool created_at = 15; } diff --git a/proto/spire/api/types/federateswith.pb.go b/proto/spire/api/types/federateswith.pb.go index ad5cfff..3caac7d 100644 --- a/proto/spire/api/types/federateswith.pb.go +++ b/proto/spire/api/types/federateswith.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/federateswith.proto package types diff --git a/proto/spire/api/types/federationrelationship.pb.go b/proto/spire/api/types/federationrelationship.pb.go index ee4b0a5..6daec6d 100644 --- a/proto/spire/api/types/federationrelationship.pb.go +++ b/proto/spire/api/types/federationrelationship.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/federationrelationship.proto package types diff --git a/proto/spire/api/types/jointoken.pb.go b/proto/spire/api/types/jointoken.pb.go index 48392aa..c662774 100644 --- a/proto/spire/api/types/jointoken.pb.go +++ b/proto/spire/api/types/jointoken.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/jointoken.proto package types diff --git a/proto/spire/api/types/jwtsvid.pb.go b/proto/spire/api/types/jwtsvid.pb.go index ec9f7cb..81817af 100644 --- a/proto/spire/api/types/jwtsvid.pb.go +++ b/proto/spire/api/types/jwtsvid.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/jwtsvid.proto package types @@ -35,6 +35,11 @@ type JWTSVID struct { ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` // Issuance timestamp (seconds since Unix epoch). IssuedAt int64 `protobuf:"varint,4,opt,name=issued_at,json=issuedAt,proto3" json:"issued_at,omitempty"` + // Optional. An operator-specified string used to provide guidance on how this + // identity should be used by a workload when more than one SVID is returned. + // For example, `internal` and `external` to indicate an SVID for internal or + // external use, respectively. + Hint string `protobuf:"bytes,5,opt,name=hint,proto3" json:"hint,omitempty"` } func (x *JWTSVID) Reset() { @@ -97,6 +102,13 @@ func (x *JWTSVID) GetIssuedAt() int64 { return 0 } +func (x *JWTSVID) GetHint() string { + if x != nil { + return x.Hint + } + return "" +} + var File_spire_api_types_jwtsvid_proto protoreflect.FileDescriptor var file_spire_api_types_jwtsvid_proto_rawDesc = []byte{ @@ -105,7 +117,7 @@ var file_spire_api_types_jwtsvid_proto_rawDesc = []byte{ 0x0f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x1a, 0x1e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x22, 0x86, 0x01, 0x0a, 0x07, 0x4a, 0x57, 0x54, 0x53, 0x56, 0x49, 0x44, 0x12, 0x14, 0x0a, 0x05, + 0x22, 0x9a, 0x01, 0x0a, 0x07, 0x4a, 0x57, 0x54, 0x53, 0x56, 0x49, 0x44, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x29, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, @@ -113,11 +125,12 @@ var file_spire_api_types_jwtsvid_proto_rawDesc = []byte{ 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, - 0x08, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x41, 0x74, 0x42, 0x37, 0x5a, 0x35, 0x67, 0x69, 0x74, - 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, - 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, - 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x08, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x41, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x69, 0x6e, + 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x69, 0x6e, 0x74, 0x42, 0x37, 0x5a, + 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, + 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, + 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, + 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/proto/spire/api/types/jwtsvid.proto b/proto/spire/api/types/jwtsvid.proto index 51f840a..96e7fc8 100644 --- a/proto/spire/api/types/jwtsvid.proto +++ b/proto/spire/api/types/jwtsvid.proto @@ -18,4 +18,10 @@ message JWTSVID { // Issuance timestamp (seconds since Unix epoch). int64 issued_at = 4; + + // Optional. An operator-specified string used to provide guidance on how this + // identity should be used by a workload when more than one SVID is returned. + // For example, `internal` and `external` to indicate an SVID for internal or + // external use, respectively. + string hint = 5; } diff --git a/proto/spire/api/types/selector.pb.go b/proto/spire/api/types/selector.pb.go index 49ed932..afe8470 100644 --- a/proto/spire/api/types/selector.pb.go +++ b/proto/spire/api/types/selector.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/selector.proto package types diff --git a/proto/spire/api/types/spiffeid.pb.go b/proto/spire/api/types/spiffeid.pb.go index 9fd4b6a..1ad5b87 100644 --- a/proto/spire/api/types/spiffeid.pb.go +++ b/proto/spire/api/types/spiffeid.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/spiffeid.proto package types diff --git a/proto/spire/api/types/status.pb.go b/proto/spire/api/types/status.pb.go index 210d805..e87a3b4 100644 --- a/proto/spire/api/types/status.pb.go +++ b/proto/spire/api/types/status.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/status.proto package types @@ -33,6 +33,8 @@ const ( PermissionDeniedDetails_AGENT_NOT_ACTIVE PermissionDeniedDetails_Reason = 3 // Agent has been banned. PermissionDeniedDetails_AGENT_BANNED PermissionDeniedDetails_Reason = 4 + // Agent attempted to renew SVID, but should reattest instead + PermissionDeniedDetails_AGENT_MUST_REATTEST PermissionDeniedDetails_Reason = 5 ) // Enum value maps for PermissionDeniedDetails_Reason. @@ -43,13 +45,15 @@ var ( 2: "AGENT_NOT_ATTESTED", 3: "AGENT_NOT_ACTIVE", 4: "AGENT_BANNED", + 5: "AGENT_MUST_REATTEST", } PermissionDeniedDetails_Reason_value = map[string]int32{ - "UNKNOWN": 0, - "AGENT_EXPIRED": 1, - "AGENT_NOT_ATTESTED": 2, - "AGENT_NOT_ACTIVE": 3, - "AGENT_BANNED": 4, + "UNKNOWN": 0, + "AGENT_EXPIRED": 1, + "AGENT_NOT_ATTESTED": 2, + "AGENT_NOT_ACTIVE": 3, + "AGENT_BANNED": 4, + "AGENT_MUST_REATTEST": 5, } ) @@ -193,24 +197,26 @@ var file_spire_api_types_status_proto_rawDesc = []byte{ 0x36, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, - 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0xcc, 0x01, 0x0a, 0x17, 0x50, 0x65, 0x72, 0x6d, + 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0xe6, 0x01, 0x0a, 0x17, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x44, 0x65, 0x6e, 0x69, 0x65, 0x64, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x47, 0x0a, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x44, 0x65, 0x6e, 0x69, 0x65, 0x64, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x2e, 0x52, 0x65, - 0x61, 0x73, 0x6f, 0x6e, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x22, 0x68, 0x0a, 0x06, - 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, - 0x4e, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x41, 0x47, 0x45, 0x4e, 0x54, 0x5f, 0x45, 0x58, 0x50, - 0x49, 0x52, 0x45, 0x44, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x41, 0x47, 0x45, 0x4e, 0x54, 0x5f, - 0x4e, 0x4f, 0x54, 0x5f, 0x41, 0x54, 0x54, 0x45, 0x53, 0x54, 0x45, 0x44, 0x10, 0x02, 0x12, 0x14, - 0x0a, 0x10, 0x41, 0x47, 0x45, 0x4e, 0x54, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x41, 0x43, 0x54, 0x49, - 0x56, 0x45, 0x10, 0x03, 0x12, 0x10, 0x0a, 0x0c, 0x41, 0x47, 0x45, 0x4e, 0x54, 0x5f, 0x42, 0x41, - 0x4e, 0x4e, 0x45, 0x44, 0x10, 0x04, 0x42, 0x37, 0x5a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, - 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, - 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, - 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x61, 0x73, 0x6f, 0x6e, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x22, 0x81, 0x01, 0x0a, + 0x06, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, + 0x57, 0x4e, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x41, 0x47, 0x45, 0x4e, 0x54, 0x5f, 0x45, 0x58, + 0x50, 0x49, 0x52, 0x45, 0x44, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x41, 0x47, 0x45, 0x4e, 0x54, + 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x41, 0x54, 0x54, 0x45, 0x53, 0x54, 0x45, 0x44, 0x10, 0x02, 0x12, + 0x14, 0x0a, 0x10, 0x41, 0x47, 0x45, 0x4e, 0x54, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x41, 0x43, 0x54, + 0x49, 0x56, 0x45, 0x10, 0x03, 0x12, 0x10, 0x0a, 0x0c, 0x41, 0x47, 0x45, 0x4e, 0x54, 0x5f, 0x42, + 0x41, 0x4e, 0x4e, 0x45, 0x44, 0x10, 0x04, 0x12, 0x17, 0x0a, 0x13, 0x41, 0x47, 0x45, 0x4e, 0x54, + 0x5f, 0x4d, 0x55, 0x53, 0x54, 0x5f, 0x52, 0x45, 0x41, 0x54, 0x54, 0x45, 0x53, 0x54, 0x10, 0x05, + 0x42, 0x37, 0x5a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, + 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, + 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, + 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x33, } var ( diff --git a/proto/spire/api/types/status.proto b/proto/spire/api/types/status.proto index 498bd10..73aca8c 100644 --- a/proto/spire/api/types/status.proto +++ b/proto/spire/api/types/status.proto @@ -22,6 +22,8 @@ message PermissionDeniedDetails { AGENT_NOT_ACTIVE = 3; // Agent has been banned. AGENT_BANNED = 4; + // Agent attempted to renew SVID, but should reattest instead + AGENT_MUST_REATTEST=5; } Reason reason = 1; } diff --git a/proto/spire/api/types/x509svid.pb.go b/proto/spire/api/types/x509svid.pb.go index 450465e..9dc45c7 100644 --- a/proto/spire/api/types/x509svid.pb.go +++ b/proto/spire/api/types/x509svid.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 -// protoc v3.14.0 +// protoc-gen-go v1.28.0 +// protoc v3.20.1 // source: spire/api/types/x509svid.proto package types @@ -34,6 +34,11 @@ type X509SVID struct { Id *SPIFFEID `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` // Expiration timestamp (seconds since Unix epoch). ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` + // Optional. An operator-specified string used to provide guidance on how this + // identity should be used by a workload when more than one SVID is returned. + // For example, `internal` and `external` to indicate an SVID for internal or + // external use, respectively. + Hint string `protobuf:"bytes,4,opt,name=hint,proto3" json:"hint,omitempty"` } func (x *X509SVID) Reset() { @@ -89,6 +94,13 @@ func (x *X509SVID) GetExpiresAt() int64 { return 0 } +func (x *X509SVID) GetHint() string { + if x != nil { + return x.Hint + } + return "" +} + var File_spire_api_types_x509svid_proto protoreflect.FileDescriptor var file_spire_api_types_x509svid_proto_rawDesc = []byte{ @@ -97,18 +109,19 @@ var file_spire_api_types_x509svid_proto_rawDesc = []byte{ 0x12, 0x0f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x1a, 0x1e, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x69, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x22, 0x73, 0x0a, 0x08, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x12, 0x1d, 0x0a, - 0x0a, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, - 0x0c, 0x52, 0x09, 0x63, 0x65, 0x72, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x12, 0x29, 0x0a, 0x02, - 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, 0x65, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, 0x46, - 0x45, 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, - 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, 0x78, 0x70, - 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x42, 0x37, 0x5a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, 0x2f, 0x73, 0x70, 0x69, 0x72, - 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, - 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x62, - 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x6f, 0x22, 0x87, 0x01, 0x0a, 0x08, 0x58, 0x35, 0x30, 0x39, 0x53, 0x56, 0x49, 0x44, 0x12, 0x1d, + 0x0a, 0x0a, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x63, 0x68, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x0c, 0x52, 0x09, 0x63, 0x65, 0x72, 0x74, 0x43, 0x68, 0x61, 0x69, 0x6e, 0x12, 0x29, 0x0a, + 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x69, 0x72, + 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x53, 0x50, 0x49, 0x46, + 0x46, 0x45, 0x49, 0x44, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, + 0x72, 0x65, 0x73, 0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, 0x78, + 0x70, 0x69, 0x72, 0x65, 0x73, 0x41, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x69, 0x6e, 0x74, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x69, 0x6e, 0x74, 0x42, 0x37, 0x5a, 0x35, 0x67, + 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x70, 0x69, 0x66, 0x66, 0x65, + 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2d, 0x61, 0x70, 0x69, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x73, 0x70, 0x69, 0x72, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x74, + 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/proto/spire/api/types/x509svid.proto b/proto/spire/api/types/x509svid.proto index e4b1466..9984de2 100644 --- a/proto/spire/api/types/x509svid.proto +++ b/proto/spire/api/types/x509svid.proto @@ -16,4 +16,10 @@ message X509SVID { // Expiration timestamp (seconds since Unix epoch). int64 expires_at = 3; + + // Optional. An operator-specified string used to provide guidance on how this + // identity should be used by a workload when more than one SVID is returned. + // For example, `internal` and `external` to indicate an SVID for internal or + // external use, respectively. + string hint = 4; }