syntax = "proto3"; package join; import "internal/versions/components/components.proto"; option go_package = "github.com/edgelesssys/constellation/v2/joinservice/joinproto"; service API { // IssueJoinTicket issues a join ticket for a new node. rpc IssueJoinTicket(IssueJoinTicketRequest) returns (IssueJoinTicketResponse); // IssueRejoinTicket issues a join ticket for a node that has previously joined the cluster. rpc IssueRejoinTicket(IssueRejoinTicketRequest) returns (IssueRejoinTicketResponse); } message IssueJoinTicketRequest { // disk_uuid is the UUID of a node's state disk. string disk_uuid = 1; // certificate_request is a certificate request for the node's kubelet certificate. bytes certificate_request = 2; // is_control_plane indicates whether the node is a control-plane node. bool is_control_plane = 3; } message IssueJoinTicketResponse { // state_disk_key is the key used to encrypt the state disk. bytes state_disk_key = 1; // measurement_salt is a salt used to derive the node's ClusterID. // This value is persisted on the state disk. bytes measurement_salt = 2; // measurement_secret is a secret used to derive the node's ClusterID. // This value is NOT persisted on the state disk. bytes measurement_secret = 3; // kubelet_cert is the certificate to be used by the kubelet. bytes kubelet_cert = 4; // api_server_endpoint is the endpoint of Constellation's API server. string api_server_endpoint = 5; // token is the Kubernetes Join Token to be used by the node to join the cluster. string token = 6; // discovery_token_ca_cert_hash is a hash of the root certificate authority presented by the Kubernetes control-plane. string discovery_token_ca_cert_hash = 7; // control_plane_files is a list of control-plane certificates and keys. repeated control_plane_cert_or_key control_plane_files = 8; // kubernetes_version is the Kubernetes version to install on the node. string kubernetes_version = 9; // kubernetes_components is a list of components to install on the node. repeated components.Component kubernetes_components = 10; } message control_plane_cert_or_key { // name of the certificate or key. string name = 1; // data of the certificate or key. bytes data = 2; } message IssueRejoinTicketRequest { // disk_uuid is the UUID of a node's state disk. string disk_uuid = 1; } message IssueRejoinTicketResponse { // state_disk_key is the key to decrypt the state disk. bytes state_disk_key = 1; // measurement_secret is a secret used to derive the node's ClusterID. // This value is NOT persisted on the state disk. bytes measurement_secret = 2; }