mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
ci: add workflow for proto code generation check
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
This commit is contained in:
parent
3b59ebfd53
commit
94c0184e4d
35
.github/workflows/test-proto.yml
vendored
Normal file
35
.github/workflows/test-proto.yml
vendored
Normal file
@ -0,0 +1,35 @@
|
||||
name: Proto generate check
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- "release/**"
|
||||
paths:
|
||||
- "**.proto"
|
||||
- ".github/workflows/test-proto.yml"
|
||||
- "proto/Dockerfile.gen-proto"
|
||||
pull_request:
|
||||
paths:
|
||||
- "**.proto"
|
||||
- ".github/workflows/test-proto.yml"
|
||||
- "proto/Dockerfile.gen-proto"
|
||||
|
||||
jobs:
|
||||
go-generate:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
|
||||
with:
|
||||
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
||||
|
||||
- name: Generate proto
|
||||
shell: bash
|
||||
working-directory: proto
|
||||
env:
|
||||
DOCKER_BUILDKIT: 1
|
||||
run: |
|
||||
docker build -o .. -f Dockerfile.gen-proto ..
|
||||
git diff --exit-code
|
@ -27,7 +27,9 @@ type RecoverMessage struct {
|
||||
|
||||
// bytes state_disk_key = 1; removed
|
||||
// bytes measurement_secret = 2; removed
|
||||
// kms_uri is the URI of the KMS the recoveryserver should use to decrypt DEKs.
|
||||
KmsUri string `protobuf:"bytes,3,opt,name=kms_uri,json=kmsUri,proto3" json:"kms_uri,omitempty"`
|
||||
// storage_uri is the URI of the storage location the recoveryserver should use to fetch DEKs.
|
||||
StorageUri string `protobuf:"bytes,4,opt,name=storage_uri,json=storageUri,proto3" json:"storage_uri,omitempty"`
|
||||
}
|
||||
|
||||
|
@ -22,6 +22,7 @@ const _ = grpc.SupportPackageIsVersion7
|
||||
//
|
||||
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
|
||||
type APIClient interface {
|
||||
// Recover sends the necessary information to the recoveryserver to initiate recovery of a node.
|
||||
Recover(ctx context.Context, in *RecoverMessage, opts ...grpc.CallOption) (*RecoverResponse, error)
|
||||
}
|
||||
|
||||
@ -46,6 +47,7 @@ func (c *aPIClient) Recover(ctx context.Context, in *RecoverMessage, opts ...grp
|
||||
// All implementations must embed UnimplementedAPIServer
|
||||
// for forward compatibility
|
||||
type APIServer interface {
|
||||
// Recover sends the necessary information to the recoveryserver to initiate recovery of a node.
|
||||
Recover(context.Context, *RecoverMessage) (*RecoverResponse, error)
|
||||
mustEmbedUnimplementedAPIServer()
|
||||
}
|
||||
|
@ -25,8 +25,11 @@ type IssueJoinTicketRequest struct {
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// disk_uuid is the UUID of a node's state disk.
|
||||
DiskUuid string `protobuf:"bytes,1,opt,name=disk_uuid,json=diskUuid,proto3" json:"disk_uuid,omitempty"`
|
||||
// certificate_request is a certificate request for the node's kubelet certificate.
|
||||
CertificateRequest []byte `protobuf:"bytes,2,opt,name=certificate_request,json=certificateRequest,proto3" json:"certificate_request,omitempty"`
|
||||
// is_control_plane indicates whether the node is a control-plane node.
|
||||
IsControlPlane bool `protobuf:"varint,3,opt,name=is_control_plane,json=isControlPlane,proto3" json:"is_control_plane,omitempty"`
|
||||
}
|
||||
|
||||
@ -88,15 +91,27 @@ type IssueJoinTicketResponse struct {
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// state_disk_key is the key used to encrypt the state disk.
|
||||
StateDiskKey []byte `protobuf:"bytes,1,opt,name=state_disk_key,json=stateDiskKey,proto3" json:"state_disk_key,omitempty"`
|
||||
// measurement_salt is a salt used to derive the node's ClusterID.
|
||||
// This value is persisted on the state disk.
|
||||
MeasurementSalt []byte `protobuf:"bytes,2,opt,name=measurement_salt,json=measurementSalt,proto3" json:"measurement_salt,omitempty"`
|
||||
// measurement_secret is a secret used to derive the node's ClusterID.
|
||||
// This value is NOT persisted on the state disk.
|
||||
MeasurementSecret []byte `protobuf:"bytes,3,opt,name=measurement_secret,json=measurementSecret,proto3" json:"measurement_secret,omitempty"`
|
||||
// kubelet_cert is the certificate to be used by the kubelet.
|
||||
KubeletCert []byte `protobuf:"bytes,4,opt,name=kubelet_cert,json=kubeletCert,proto3" json:"kubelet_cert,omitempty"`
|
||||
// api_server_endpoint is the endpoint of Constellation's API server.
|
||||
ApiServerEndpoint string `protobuf:"bytes,5,opt,name=api_server_endpoint,json=apiServerEndpoint,proto3" json:"api_server_endpoint,omitempty"`
|
||||
// token is the Kubernetes Join Token to be used by the node to join the cluster.
|
||||
Token string `protobuf:"bytes,6,opt,name=token,proto3" json:"token,omitempty"`
|
||||
// discovery_token_ca_cert_hash is a hash of the root certificate authority presented by the Kubernetes control-plane.
|
||||
DiscoveryTokenCaCertHash string `protobuf:"bytes,7,opt,name=discovery_token_ca_cert_hash,json=discoveryTokenCaCertHash,proto3" json:"discovery_token_ca_cert_hash,omitempty"`
|
||||
// control_plane_files is a list of control-plane certificates and keys.
|
||||
ControlPlaneFiles []*ControlPlaneCertOrKey `protobuf:"bytes,8,rep,name=control_plane_files,json=controlPlaneFiles,proto3" json:"control_plane_files,omitempty"`
|
||||
// kubernetes_version is the Kubernetes version to install on the node.
|
||||
KubernetesVersion string `protobuf:"bytes,9,opt,name=kubernetes_version,json=kubernetesVersion,proto3" json:"kubernetes_version,omitempty"`
|
||||
// kubernetes_components is a list of components to install on the node.
|
||||
KubernetesComponents []*KubernetesComponent `protobuf:"bytes,10,rep,name=kubernetes_components,json=kubernetesComponents,proto3" json:"kubernetes_components,omitempty"`
|
||||
}
|
||||
|
||||
@ -207,7 +222,9 @@ type ControlPlaneCertOrKey struct {
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// name of the certificate or key.
|
||||
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
|
||||
// data of the certificate or key.
|
||||
Data []byte `protobuf:"bytes,2,opt,name=data,proto3" json:"data,omitempty"`
|
||||
}
|
||||
|
||||
@ -262,6 +279,7 @@ type IssueRejoinTicketRequest struct {
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// disk_uuid is the UUID of a node's state disk.
|
||||
DiskUuid string `protobuf:"bytes,1,opt,name=disk_uuid,json=diskUuid,proto3" json:"disk_uuid,omitempty"`
|
||||
}
|
||||
|
||||
@ -309,7 +327,10 @@ type IssueRejoinTicketResponse struct {
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// state_disk_key is the key to decrypt the state disk.
|
||||
StateDiskKey []byte `protobuf:"bytes,1,opt,name=state_disk_key,json=stateDiskKey,proto3" json:"state_disk_key,omitempty"`
|
||||
// measurement_secret is a secret used to derive the node's ClusterID.
|
||||
// This value is NOT persisted on the state disk.
|
||||
MeasurementSecret []byte `protobuf:"bytes,2,opt,name=measurement_secret,json=measurementSecret,proto3" json:"measurement_secret,omitempty"`
|
||||
}
|
||||
|
||||
@ -365,9 +386,13 @@ type KubernetesComponent struct {
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// url to download the component from.
|
||||
Url string `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
|
||||
// hash of the component.
|
||||
Hash string `protobuf:"bytes,2,opt,name=hash,proto3" json:"hash,omitempty"`
|
||||
// install_path is the path to install the component to.
|
||||
InstallPath string `protobuf:"bytes,3,opt,name=install_path,json=installPath,proto3" json:"install_path,omitempty"`
|
||||
// extract indicates whether the component is an archive and needs to be extracted.
|
||||
Extract bool `protobuf:"varint,4,opt,name=extract,proto3" json:"extract,omitempty"`
|
||||
}
|
||||
|
||||
|
@ -22,7 +22,9 @@ const _ = grpc.SupportPackageIsVersion7
|
||||
//
|
||||
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
|
||||
type APIClient interface {
|
||||
// IssueJoinTicket issues a join ticket for a new node.
|
||||
IssueJoinTicket(ctx context.Context, in *IssueJoinTicketRequest, opts ...grpc.CallOption) (*IssueJoinTicketResponse, error)
|
||||
// IssueRejoinTicket issues a join ticket for a node that has previously joined the cluster.
|
||||
IssueRejoinTicket(ctx context.Context, in *IssueRejoinTicketRequest, opts ...grpc.CallOption) (*IssueRejoinTicketResponse, error)
|
||||
}
|
||||
|
||||
@ -56,7 +58,9 @@ func (c *aPIClient) IssueRejoinTicket(ctx context.Context, in *IssueRejoinTicket
|
||||
// All implementations must embed UnimplementedAPIServer
|
||||
// for forward compatibility
|
||||
type APIServer interface {
|
||||
// IssueJoinTicket issues a join ticket for a new node.
|
||||
IssueJoinTicket(context.Context, *IssueJoinTicketRequest) (*IssueJoinTicketResponse, error)
|
||||
// IssueRejoinTicket issues a join ticket for a node that has previously joined the cluster.
|
||||
IssueRejoinTicket(context.Context, *IssueRejoinTicketRequest) (*IssueRejoinTicketResponse, error)
|
||||
mustEmbedUnimplementedAPIServer()
|
||||
}
|
||||
|
@ -26,6 +26,7 @@ type GetAttestationRequest struct {
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// bytes user_data = 1; removed
|
||||
// nonce is a random nonce to prevent replay attacks.
|
||||
Nonce []byte `protobuf:"bytes,2,opt,name=nonce,proto3" json:"nonce,omitempty"`
|
||||
}
|
||||
|
||||
@ -73,6 +74,7 @@ type GetAttestationResponse struct {
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// attestation is the attestation for the given user data and nonce.
|
||||
Attestation []byte `protobuf:"bytes,1,opt,name=attestation,proto3" json:"attestation,omitempty"`
|
||||
}
|
||||
|
||||
|
@ -22,6 +22,7 @@ const _ = grpc.SupportPackageIsVersion7
|
||||
//
|
||||
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
|
||||
type APIClient interface {
|
||||
// GetAttestation returns an attestation for the given user data and nonce.
|
||||
GetAttestation(ctx context.Context, in *GetAttestationRequest, opts ...grpc.CallOption) (*GetAttestationResponse, error)
|
||||
}
|
||||
|
||||
@ -46,6 +47,7 @@ func (c *aPIClient) GetAttestation(ctx context.Context, in *GetAttestationReques
|
||||
// All implementations must embed UnimplementedAPIServer
|
||||
// for forward compatibility
|
||||
type APIServer interface {
|
||||
// GetAttestation returns an attestation for the given user data and nonce.
|
||||
GetAttestation(context.Context, *GetAttestationRequest) (*GetAttestationResponse, error)
|
||||
mustEmbedUnimplementedAPIServer()
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user