Paul Meyer e7fc541a57
bazel: add buf as protobuf formatter to //:tidy (#1511)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-23 18:08:49 +01:00


// Schema for the join service API: the messages a node exchanges with the
// service to obtain a join or rejoin ticket. Field numbers are the wire
// contract; do not renumber or reuse them.
syntax = "proto3";

package join;

// Go code generated from this file lands in the joinproto package.
option go_package = "github.com/edgelesssys/constellation/v2/joinservice/joinproto";
// API is the RPC surface used by nodes to obtain the material they need to
// join, or rejoin, the cluster.
//
// NOTE(review): both responses carry key material (state_disk_key,
// measurement_secret). Nothing in this schema authenticates the caller, so
// authentication and confidentiality presumably come from the transport layer;
// confirm against the server implementation.
service API {
  // IssueJoinTicket issues a join ticket for a new node.
  rpc IssueJoinTicket(IssueJoinTicketRequest) returns (IssueJoinTicketResponse);
  // IssueRejoinTicket issues a join ticket for a node that has previously
  // joined the cluster. The response is limited to the state disk key and the
  // measurement secret.
  rpc IssueRejoinTicket(IssueRejoinTicketRequest) returns (IssueRejoinTicketResponse);
}
// IssueJoinTicketRequest is sent by a new node asking to join the cluster.
// Every field is supplied by the requesting node.
message IssueJoinTicketRequest {
  // disk_uuid is the UUID of a node's state disk.
  // It is an identifier, not a credential.
  string disk_uuid = 1;
  // certificate_request is a certificate request for the node's kubelet
  // certificate.
  // NOTE(review): the encoding (presumably a PKCS#10 CSR) is not stated here;
  // confirm it, and confirm that the issuer validates the requested subject
  // rather than signing the request as submitted.
  bytes certificate_request = 2;
  // is_control_plane indicates whether the node is a control-plane node.
  // NOTE(review): this is asserted by the caller. Confirm that the server
  // verifies the node's role by other means before returning
  // control_plane_files in the response.
  bool is_control_plane = 3;
}
// IssueJoinTicketResponse carries everything a new node needs to join.
//
// Several fields are secrets (state_disk_key, measurement_secret, token, and
// any private keys in control_plane_files). Treat the whole message as
// sensitive: do not log it or persist it beyond what each field's comment
// states.
message IssueJoinTicketResponse {
  // state_disk_key is the key used to encrypt the state disk.
  bytes state_disk_key = 1;
  // measurement_salt is a salt used to derive the node's ClusterID.
  // This value is persisted on the state disk.
  bytes measurement_salt = 2;
  // measurement_secret is a secret used to derive the node's ClusterID.
  // This value is NOT persisted on the state disk.
  bytes measurement_secret = 3;
  // kubelet_cert is the certificate to be used by the kubelet.
  // NOTE(review): presumably issued in response to the request's
  // certificate_request; encoding is not stated here. Confirm.
  bytes kubelet_cert = 4;
  // api_server_endpoint is the endpoint of Constellation's API server.
  string api_server_endpoint = 5;
  // token is the Kubernetes Join Token to be used by the node to join the
  // cluster. It is a credential; handle it like the key fields above.
  string token = 6;
  // discovery_token_ca_cert_hash is a hash of the root certificate authority
  // presented by the Kubernetes control-plane.
  // NOTE(review): hash algorithm and string format are not stated here;
  // confirm them against the producer and consumer.
  string discovery_token_ca_cert_hash = 7;
  // control_plane_files is a list of control-plane certificates and keys.
  // NOTE(review): presumably populated only for control-plane nodes; confirm
  // the server-side condition, since these entries can include private keys.
  repeated control_plane_cert_or_key control_plane_files = 8;
  // kubernetes_version is the Kubernetes version to install on the node.
  string kubernetes_version = 9;
  // kubernetes_components is a list of components to install on the node.
  repeated KubernetesComponent kubernetes_components = 10;
}
// control_plane_cert_or_key is one named control-plane certificate or key,
// used as the element type of IssueJoinTicketResponse.control_plane_files.
//
// The snake_case message name departs from the usual PascalCase convention.
// Renaming it would change generated code, so it is kept as is.
message control_plane_cert_or_key {
  // name of the certificate or key.
  // NOTE(review): if the receiver uses this as a file name, confirm it is
  // validated before being joined to a path.
  string name = 1;
  // data of the certificate or key. May be private key material; do not log.
  bytes data = 2;
}
// IssueRejoinTicketRequest is sent by a node that has joined before and needs
// its state disk key again.
//
// NOTE(review): the only field is disk_uuid, which is an identifier rather
// than a secret. The decision to release the key must therefore rest on
// something outside this message (presumably transport-level authentication
// of the node); confirm against the server implementation.
message IssueRejoinTicketRequest {
  // disk_uuid is the UUID of a node's state disk.
  string disk_uuid = 1;
}
// IssueRejoinTicketResponse returns the secrets a rejoining node needs.
// Both fields are secret; do not log this message.
message IssueRejoinTicketResponse {
  // state_disk_key is the key to decrypt the state disk.
  bytes state_disk_key = 1;
  // measurement_secret is a secret used to derive the node's ClusterID.
  // This value is NOT persisted on the state disk.
  bytes measurement_secret = 2;
}
// KubernetesComponent describes one component for the node to download and
// install.
//
// TODO: discuss whether to import the init proto instead of duplicating this
// message here.
message KubernetesComponent {
  // url to download the component from.
  string url = 1;
  // hash of the component.
  // NOTE(review): algorithm and encoding are not stated here. Confirm them,
  // and confirm that the consumer checks the download against this value
  // before installing or extracting it.
  string hash = 2;
  // install_path is the path to install the component to.
  // NOTE(review): confirm that the consumer constrains where this path may
  // point.
  string install_path = 3;
  // extract indicates whether the component is an archive and needs to be
  // extracted.
  bool extract = 4;
}